openapi: 3.0.0
info:
version: '2020-06-08'
x-release: v4
title: Inspector2
description: Amazon Inspector is a vulnerability discovery service that automates continuous scanning for security vulnerabilities within your Amazon EC2 and Amazon ECR environments.
x-logo:
url: 'https://twitter.com/awscloud/profile_image?size=original'
backgroundColor: '#FFFFFF'
termsOfService: 'https://aws.amazon.com/service-terms/'
contact:
name: Mike Ralphson
email: mike.ralphson@gmail.com
url: 'https://github.com/mermade/aws2openapi'
x-twitter: PermittedSoc
license:
name: Apache 2.0 License
url: 'http://www.apache.org/licenses/'
x-providerName: amazonaws.com
x-serviceName: inspector2
x-aws-signingName: inspector2
x-origin:
- contentType: application/json
url: 'https://raw.githubusercontent.com/aws/aws-sdk-js/master/apis/inspector2-2020-06-08.normal.json'
converter:
url: 'https://github.com/mermade/aws2openapi'
version: 1.0.0
x-apisguru-driver: external
x-apiClientRegistration:
url: 'https://portal.aws.amazon.com/gp/aws/developer/registration/index.html?nc2=h_ct'
x-apisguru-categories:
- cloud
x-preferred: true
externalDocs:
description: Amazon Web Services documentation
url: 'https://docs.aws.amazon.com/inspector2/'
servers:
- url: 'http://inspector2.{region}.amazonaws.com'
variables:
region:
description: The AWS region
enum:
- us-east-1
- us-east-2
- us-west-1
- us-west-2
- us-gov-west-1
- us-gov-east-1
- ca-central-1
- eu-north-1
- eu-west-1
- eu-west-2
- eu-west-3
- eu-central-1
- eu-south-1
- af-south-1
- ap-northeast-1
- ap-northeast-2
- ap-northeast-3
- ap-southeast-1
- ap-southeast-2
- ap-east-1
- ap-south-1
- sa-east-1
- me-south-1
default: us-east-1
description: The Inspector2 multi-region endpoint
- url: 'https://inspector2.{region}.amazonaws.com'
variables:
region:
description: The AWS region
enum:
- us-east-1
- us-east-2
- us-west-1
- us-west-2
- us-gov-west-1
- us-gov-east-1
- ca-central-1
- eu-north-1
- eu-west-1
- eu-west-2
- eu-west-3
- eu-central-1
- eu-south-1
- af-south-1
- ap-northeast-1
- ap-northeast-2
- ap-northeast-3
- ap-southeast-1
- ap-southeast-2
- ap-east-1
- ap-south-1
- sa-east-1
- me-south-1
default: us-east-1
description: The Inspector2 multi-region endpoint
- url: 'http://inspector2.{region}.amazonaws.com.cn'
variables:
region:
description: The AWS region
enum:
- cn-north-1
- cn-northwest-1
default: cn-north-1
description: The Inspector2 endpoint for China (Beijing) and China (Ningxia)
- url: 'https://inspector2.{region}.amazonaws.com.cn'
variables:
region:
description: The AWS region
enum:
- cn-north-1
- cn-northwest-1
default: cn-north-1
description: The Inspector2 endpoint for China (Beijing) and China (Ningxia)
x-hasEquivalentPaths: true
paths:
/members/associate:
post:
operationId: AssociateMember
description: 'Associates an Amazon Web Services account with an Amazon Inspector delegated administrator. An HTTP 200 response indicates the association was successfully started, but doesn’t indicate
whether it was completed. You can check if the association completed by using ListMembers for multiple accounts
or GetMembers for a single account.'
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/AssociateMemberResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- accountId
properties:
accountId:
description: The Amazon Web Services account ID of the member account to be associated.
type: string
pattern: '^\d{12}$'
minLength: 12
maxLength: 12
summary: Amazon Inspector Associate Member
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/status/batch/get:
post:
operationId: BatchGetAccountStatus
description: Retrieves the Amazon Inspector status of multiple Amazon Web Services accounts within your environment.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/BatchGetAccountStatusResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
accountIds:
description: The 12-digit Amazon Web Services account IDs of the accounts to retrieve Amazon Inspector status for.
type: array
items:
$ref: '#/components/schemas/AccountId'
minItems: 0
maxItems: 100
summary: Amazon Inspector Batch Get Account Status
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/codesnippet/batchget:
post:
operationId: BatchGetCodeSnippet
description: Retrieves code snippets from findings that Amazon Inspector detected code vulnerabilities in.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/BatchGetCodeSnippetResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- findingArns
properties:
findingArns:
description: An array of finding ARNs for the findings you want to retrieve code snippets from.
type: array
items:
$ref: '#/components/schemas/FindingArn'
minItems: 1
maxItems: 10
summary: Amazon Inspector Batch Get Code Snippet
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/findings/details/batch/get:
post:
operationId: BatchGetFindingDetails
description: Gets vulnerability details for findings.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/BatchGetFindingDetailsResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- findingArns
properties:
findingArns:
description: A list of finding ARNs.
type: array
items:
$ref: '#/components/schemas/FindingArn'
minItems: 1
maxItems: 10
summary: Amazon Inspector Batch Get Finding Details
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/freetrialinfo/batchget:
post:
operationId: BatchGetFreeTrialInfo
description: Gets free trial status for multiple Amazon Web Services accounts.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/BatchGetFreeTrialInfoResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- accountIds
properties:
accountIds:
description: The account IDs to get free trial status for.
type: array
items:
$ref: '#/components/schemas/MeteringAccountId'
minItems: 1
maxItems: 100
summary: Amazon Inspector Batch Get Free Trial Info
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/ec2deepinspectionstatus/member/batch/get:
post:
operationId: BatchGetMemberEc2DeepInspectionStatus
description: Retrieves Amazon Inspector deep inspection activation status of multiple member accounts within your organization. You must be the delegated administrator of an organization in
Amazon Inspector to use this API.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/BatchGetMemberEc2DeepInspectionStatusResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
accountIds:
description: The unique identifiers for the Amazon Web Services accounts to retrieve Amazon Inspector deep inspection activation status for. </p>
type: array
items:
$ref: '#/components/schemas/AccountId'
minItems: 0
maxItems: 100
summary: Amazon Inspector Batch Get Member Ec2 Deep Inspection Status
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/ec2deepinspectionstatus/member/batch/update:
post:
operationId: BatchUpdateMemberEc2DeepInspectionStatus
description: Activates or deactivates Amazon Inspector deep inspection for the provided member accounts in your organization. You must be the delegated administrator of an organization in Amazon
Inspector to use this API.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/BatchUpdateMemberEc2DeepInspectionStatusResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- accountIds
properties:
accountIds:
description: The unique identifiers for the Amazon Web Services accounts to change Amazon Inspector deep inspection status for.
type: array
items:
$ref: '#/components/schemas/MemberAccountEc2DeepInspectionStatus'
minItems: 0
maxItems: 100
summary: Amazon Inspector Batch Update Member Ec2 Deep Inspection Status
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/reporting/cancel:
post:
operationId: CancelFindingsReport
description: Cancels the given findings report.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/CancelFindingsReportResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- reportId
properties:
reportId:
description: The ID of the report to be canceled.
type: string
pattern: '\b[a-f0-9]{8}\b-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-\b[a-f0-9]{12}\b'
summary: Amazon Inspector Cancel Findings Report
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/sbomexport/cancel:
post:
operationId: CancelSbomExport
description: Cancels a software bill of materials (SBOM) report.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/CancelSbomExportResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- reportId
properties:
reportId:
description: The report ID of the SBOM export to cancel.
type: string
pattern: '\b[a-f0-9]{8}\b-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-\b[a-f0-9]{12}\b'
summary: Amazon Inspector Cancel Sbom Export
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/filters/create:
post:
operationId: CreateFilter
description: Creates a filter resource using specified filter criteria.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/CreateFilterResponse'
'480':
description: ServiceQuotaExceededException
content:
application/json:
schema:
$ref: '#/components/schemas/ServiceQuotaExceededException'
'481':
description: BadRequestException
content:
application/json:
schema:
$ref: '#/components/schemas/BadRequestException'
'482':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'483':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'484':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'485':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- action
- filterCriteria
- name
properties:
action:
description: Defines the action that is to be applied to the findings that match the filter.
type: string
enum:
- NONE
- SUPPRESS
description:
description: A description of the filter.
type: string
minLength: 1
maxLength: 512
filterCriteria:
description: Details on the criteria used to define the filter.
type: object
properties:
awsAccountId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon Web Services account IDs used to filter findings.
codeVulnerabilityDetectorName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.
codeVulnerabilityDetectorTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list
of available tags by programming language, see Java tags, or Python
tags. '
codeVulnerabilityFilePath:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.
componentId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component IDs used to filter findings.
componentType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component types used to filter findings.
ec2InstanceImageId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance image IDs used to filter findings.
ec2InstanceSubnetId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance subnet IDs used to filter findings.
ec2InstanceVpcId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance VPC IDs used to filter findings.
ecrImageArchitecture:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image architecture types used to filter findings.
ecrImageHash:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image hashes used to filter findings.
ecrImagePushedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the Amazon ECR image push date and time used to filter findings.
ecrImageRegistry:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the Amazon ECR registry used to filter findings.
ecrImageRepositoryName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the name of the Amazon ECR repository used to filter findings.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The tags attached to the Amazon ECR container image.
epssScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The EPSS score used to filter findings.
exploitAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda findings by the availability of exploits.
findingArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding ARNs used to filter findings.
findingStatus:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding status types used to filter findings.
findingType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding types used to filter findings.
firstObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was first seen used to filter findings.
fixAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL
fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.'
inspectorScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The Amazon Inspector score to filter on.
lambdaFunctionExecutionRoleArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by execution role.
lambdaFunctionLastModifiedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: 'Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO
8601 format '
lambdaFunctionLayers:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Filters the list of AWS Lambda functions by the function''s layers. A Lambda function
can have up to five layers.'
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the name of the function.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
lastObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last seen used to filter findings.
networkProtocol:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on network protocol used to filter findings.
portRange:
allOf:
- $ref: '#/components/schemas/PortRangeFilterList'
- description: Details on the port ranges used to filter findings.
relatedVulnerabilities:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the related vulnerabilities used to filter findings.
resourceId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource IDs used to filter findings.
resourceTags:
allOf:
- $ref: '#/components/schemas/MapFilterList'
- description: Details on the resource tags used to filter findings.
resourceType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource types used to filter findings.
severity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the severity used to filter findings.
title:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding title used to filter findings.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last updated at used to filter findings.
vendorSeverity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vendor severity used to filter findings.
vulnerabilityId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability ID used to filter findings.
vulnerabilitySource:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability type used to filter findings.
vulnerablePackages:
allOf:
- $ref: '#/components/schemas/PackageFilterList'
- description: Details on the vulnerable packages used to filter findings.
name:
description: 'The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not
allowed.'
type: string
minLength: 1
maxLength: 128
reason:
description: The reason for creating the filter.
type: string
minLength: 1
maxLength: 512
tags:
description: A list of tags for the filter.
type: object
additionalProperties:
$ref: '#/components/schemas/MapValue'
summary: Amazon Inspector Create Filter
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/reporting/create:
post:
operationId: CreateFindingsReport
description: 'Creates a finding report. By default only ACTIVE findings are returned in the report. To see SUPRESSED or CLOSED findings you must specify a value
for the findingStatus filter criteria. '
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/CreateFindingsReportResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- reportFormat
- s3Destination
properties:
filterCriteria:
description: Details on the criteria used to define the filter.
type: object
properties:
awsAccountId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon Web Services account IDs used to filter findings.
codeVulnerabilityDetectorName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.
codeVulnerabilityDetectorTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list
of available tags by programming language, see Java tags, or Python
tags. '
codeVulnerabilityFilePath:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.
componentId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component IDs used to filter findings.
componentType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component types used to filter findings.
ec2InstanceImageId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance image IDs used to filter findings.
ec2InstanceSubnetId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance subnet IDs used to filter findings.
ec2InstanceVpcId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance VPC IDs used to filter findings.
ecrImageArchitecture:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image architecture types used to filter findings.
ecrImageHash:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image hashes used to filter findings.
ecrImagePushedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the Amazon ECR image push date and time used to filter findings.
ecrImageRegistry:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the Amazon ECR registry used to filter findings.
ecrImageRepositoryName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the name of the Amazon ECR repository used to filter findings.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The tags attached to the Amazon ECR container image.
epssScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The EPSS score used to filter findings.
exploitAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda findings by the availability of exploits.
findingArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding ARNs used to filter findings.
findingStatus:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding status types used to filter findings.
findingType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding types used to filter findings.
firstObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was first seen used to filter findings.
fixAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL
fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.'
inspectorScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The Amazon Inspector score to filter on.
lambdaFunctionExecutionRoleArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by execution role.
lambdaFunctionLastModifiedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: 'Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO
8601 format '
lambdaFunctionLayers:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Filters the list of AWS Lambda functions by the function''s layers. A Lambda function
can have up to five layers.'
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the name of the function.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
lastObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last seen used to filter findings.
networkProtocol:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on network protocol used to filter findings.
portRange:
allOf:
- $ref: '#/components/schemas/PortRangeFilterList'
- description: Details on the port ranges used to filter findings.
relatedVulnerabilities:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the related vulnerabilities used to filter findings.
resourceId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource IDs used to filter findings.
resourceTags:
allOf:
- $ref: '#/components/schemas/MapFilterList'
- description: Details on the resource tags used to filter findings.
resourceType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource types used to filter findings.
severity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the severity used to filter findings.
title:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding title used to filter findings.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last updated at used to filter findings.
vendorSeverity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vendor severity used to filter findings.
vulnerabilityId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability ID used to filter findings.
vulnerabilitySource:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability type used to filter findings.
vulnerablePackages:
allOf:
- $ref: '#/components/schemas/PackageFilterList'
- description: Details on the vulnerable packages used to filter findings.
reportFormat:
description: The format to generate the report in.
type: string
enum:
- CSV
- JSON
s3Destination:
description: Contains details of the Amazon S3 bucket and KMS key used to export findings.
type: object
properties:
bucketName:
allOf:
- $ref: '#/components/schemas/String'
- description: The name of the Amazon S3 bucket to export findings to.
keyPrefix:
allOf:
- $ref: '#/components/schemas/String'
- description: The prefix that the findings will be written under.
kmsKeyArn:
allOf:
- $ref: '#/components/schemas/String'
- description: The ARN of the KMS key used to encrypt data when exporting findings.
summary: Amazon Inspector Create Findings Report
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/sbomexport/create:
post:
operationId: CreateSbomExport
description: Creates a software bill of materials (SBOM) report.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/CreateSbomExportResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- reportFormat
- s3Destination
properties:
reportFormat:
description: The output format for the software bill of materials (SBOM) report.
type: string
enum:
- CYCLONEDX_1_4
- SPDX_2_3
resourceFilterCriteria:
description: The resource filter criteria for a Software bill of materials (SBOM) report.
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The account IDs used as resource filter criteria.
ec2InstanceTags:
allOf:
- $ref: '#/components/schemas/ResourceMapFilterList'
- description: The EC2 instance tags used as resource filter criteria.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The ECR image tags used as resource filter criteria.
ecrRepositoryName:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The ECR repository names used as resource filter criteria.
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The AWS Lambda function name used as resource filter criteria.
lambdaFunctionTags:
allOf:
- $ref: '#/components/schemas/ResourceMapFilterList'
- description: The AWS Lambda function tags used as resource filter criteria.
resourceId:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The resource IDs used as resource filter criteria.
resourceType:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The resource types used as resource filter criteria.
s3Destination:
description: Contains details of the Amazon S3 bucket and KMS key used to export findings.
type: object
properties:
bucketName:
allOf:
- $ref: '#/components/schemas/String'
- description: The name of the Amazon S3 bucket to export findings to.
keyPrefix:
allOf:
- $ref: '#/components/schemas/String'
- description: The prefix that the findings will be written under.
kmsKeyArn:
allOf:
- $ref: '#/components/schemas/String'
- description: The ARN of the KMS key used to encrypt data when exporting findings.
summary: Amazon Inspector Create Sbom Export
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/filters/delete:
post:
operationId: DeleteFilter
description: Deletes a filter resource.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/DeleteFilterResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- arn
properties:
arn:
description: The Amazon Resource Number (ARN) of the filter to be deleted.
type: string
minLength: 1
maxLength: 128
summary: Amazon Inspector Delete Filter
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/organizationconfiguration/describe:
post:
operationId: DescribeOrganizationConfiguration
description: Describe Amazon Inspector configuration settings for an Amazon Web Services organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/DescribeOrganizationConfigurationResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
summary: Amazon Inspector Describe Organization Configuration
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/disable:
post:
operationId: Disable
description: Disables Amazon Inspector scans for one or more Amazon Web Services accounts. Disabling all scan types in an account disables the Amazon Inspector service.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/DisableResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
accountIds:
description: An array of account IDs you want to disable Amazon Inspector scans for.
type: array
items:
$ref: '#/components/schemas/AccountId'
minItems: 0
maxItems: 100
resourceTypes:
description: The resource scan types you want to disable.
type: array
items:
$ref: '#/components/schemas/ResourceScanType'
minItems: 0
maxItems: 3
summary: Amazon Inspector Disable
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/delegatedadminaccounts/disable:
post:
operationId: DisableDelegatedAdminAccount
description: Disables the Amazon Inspector delegated administrator for your organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/DisableDelegatedAdminAccountResponse'
'480':
description: ConflictException
content:
application/json:
schema:
$ref: '#/components/schemas/ConflictException'
'481':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'482':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'483':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'484':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'485':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- delegatedAdminAccountId
properties:
delegatedAdminAccountId:
description: The Amazon Web Services account ID of the current Amazon Inspector delegated administrator.
type: string
pattern: '^\d{12}$'
minLength: 12
maxLength: 12
summary: Amazon Inspector Disable Delegated Admin Account
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/members/disassociate:
post:
operationId: DisassociateMember
description: Disassociates a member account from an Amazon Inspector delegated administrator.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/DisassociateMemberResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- accountId
properties:
accountId:
description: The Amazon Web Services account ID of the member account to disassociate.
type: string
pattern: '^\d{12}$'
minLength: 12
maxLength: 12
summary: Amazon Inspector Disassociate Member
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/enable:
post:
operationId: Enable
description: Enables Amazon Inspector scans for one or more Amazon Web Services accounts.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/EnableResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- resourceTypes
properties:
accountIds:
description: A list of account IDs you want to enable Amazon Inspector scans for.
type: array
items:
$ref: '#/components/schemas/AccountId'
minItems: 0
maxItems: 100
clientToken:
description: The idempotency token for the request.
type: string
minLength: 1
maxLength: 64
resourceTypes:
description: The resource scan types you want to enable.
type: array
items:
$ref: '#/components/schemas/ResourceScanType'
minItems: 1
maxItems: 3
summary: Amazon Inspector Enable
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/delegatedadminaccounts/enable:
post:
operationId: EnableDelegatedAdminAccount
description: Enables the Amazon Inspector delegated administrator for your Organizations organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/EnableDelegatedAdminAccountResponse'
'480':
description: ConflictException
content:
application/json:
schema:
$ref: '#/components/schemas/ConflictException'
'481':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'482':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'483':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'484':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'485':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- delegatedAdminAccountId
properties:
clientToken:
description: The idempotency token for the request.
type: string
minLength: 1
maxLength: 64
delegatedAdminAccountId:
description: The Amazon Web Services account ID of the Amazon Inspector delegated administrator.
type: string
pattern: '^\d{12}$'
minLength: 12
maxLength: 12
summary: Amazon Inspector Enable Delegated Admin Account
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/configuration/get:
post:
operationId: GetConfiguration
description: Retrieves setting configurations for Inspector scans.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/GetConfigurationResponse'
'480':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'481':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'482':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
summary: Amazon Inspector Get Configuration
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/delegatedadminaccounts/get:
post:
operationId: GetDelegatedAdminAccount
description: Retrieves information about the Amazon Inspector delegated administrator for your organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/GetDelegatedAdminAccountResponse'
'480':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'481':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
summary: Amazon Inspector Get Delegated Admin Account
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/ec2deepinspectionconfiguration/get:
post:
operationId: GetEc2DeepInspectionConfiguration
description: 'Retrieves the activation status of Amazon Inspector deep inspection and custom paths associated with your account. '
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/GetEc2DeepInspectionConfigurationResponse'
'480':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'481':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
summary: Amazon Inspector Get Ec2 Deep Inspection Configuration
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/encryptionkey/get#resourceType&scanType:
get:
operationId: GetEncryptionKey
description: Gets an encryption key.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/GetEncryptionKeyResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: resourceType
in: query
required: true
description: The resource type the key encrypts.
schema:
type: string
enum:
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER_IMAGE
- AWS_ECR_REPOSITORY
- AWS_LAMBDA_FUNCTION
- name: scanType
in: query
required: true
description: The scan type the key encrypts.
schema:
type: string
enum:
- NETWORK
- PACKAGE
- CODE
summary: Amazon Inspector Get Encryption Key
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/reporting/status/get:
post:
operationId: GetFindingsReportStatus
description: Gets the status of a findings report.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/GetFindingsReportStatusResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
reportId:
description: The ID of the report to retrieve the status of.
type: string
pattern: '\b[a-f0-9]{8}\b-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-\b[a-f0-9]{12}\b'
summary: Amazon Inspector Get Findings Report Status
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/members/get:
post:
operationId: GetMember
description: Gets member information for your organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/GetMemberResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- accountId
properties:
accountId:
description: The Amazon Web Services account ID of the member account to retrieve information on.
type: string
pattern: '^\d{12}$'
minLength: 12
maxLength: 12
summary: Amazon Inspector Get Member
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/sbomexport/get:
post:
operationId: GetSbomExport
description: Gets details of a software bill of materials (SBOM) report.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/GetSbomExportResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- reportId
properties:
reportId:
description: The report ID of the SBOM export to get details for.
type: string
pattern: '\b[a-f0-9]{8}\b-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-\b[a-f0-9]{12}\b'
summary: Amazon Inspector Get Sbom Export
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/accountpermissions/list:
post:
operationId: ListAccountPermissions
description: Lists the permissions an account has to configure Amazon Inspector.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListAccountPermissionsResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 1024
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
service:
description: The service scan type to check permissions for.
type: string
enum:
- EC2
- ECR
- LAMBDA
summary: Amazon Inspector List Account Permissions
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/coverage/list:
post:
operationId: ListCoverage
description: Lists coverage details for you environment.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListCoverageResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'482':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
filterCriteria:
description: A structure that identifies filter criteria for GetCoverageStatistics.
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Web Services account IDs to return coverage statistics for.
ec2InstanceTags:
allOf:
- $ref: '#/components/schemas/CoverageMapFilterList'
- description: The Amazon EC2 instance tags to filter on.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The Amazon ECR image tags to filter on.
ecrRepositoryName:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The Amazon ECR repository name to filter on.
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by function names.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by runtime.
lambdaFunctionTags:
allOf:
- $ref: '#/components/schemas/CoverageMapFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by tag.
lastScannedAt:
allOf:
- $ref: '#/components/schemas/CoverageDateFilterList'
- description: Filters Amazon Web Services resources based on whether Amazon Inspector has checked them for vulnerabilities within the specified time range.
resourceId:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Web Services resource IDs to return coverage statistics for.
resourceType:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: 'An array of Amazon Web Services resource types to return coverage statistics for. The values can be AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION
or AWS_ECR_REPOSITORY.'
scanStatusCode:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The scan status code to filter on.
scanStatusReason:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The scan status reason to filter on.
scanType:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Inspector scan types to return coverage statistics for.
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 200
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
summary: Amazon Inspector List Coverage
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/coverage/statistics/list:
post:
operationId: ListCoverageStatistics
description: Lists Amazon Inspector coverage statistics for your environment.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListCoverageStatisticsResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'482':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
filterCriteria:
description: A structure that identifies filter criteria for GetCoverageStatistics.
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Web Services account IDs to return coverage statistics for.
ec2InstanceTags:
allOf:
- $ref: '#/components/schemas/CoverageMapFilterList'
- description: The Amazon EC2 instance tags to filter on.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The Amazon ECR image tags to filter on.
ecrRepositoryName:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The Amazon ECR repository name to filter on.
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by function names.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by runtime.
lambdaFunctionTags:
allOf:
- $ref: '#/components/schemas/CoverageMapFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by tag.
lastScannedAt:
allOf:
- $ref: '#/components/schemas/CoverageDateFilterList'
- description: Filters Amazon Web Services resources based on whether Amazon Inspector has checked them for vulnerabilities within the specified time range.
resourceId:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Web Services resource IDs to return coverage statistics for.
resourceType:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: 'An array of Amazon Web Services resource types to return coverage statistics for. The values can be AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION
or AWS_ECR_REPOSITORY.'
scanStatusCode:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The scan status code to filter on.
scanStatusReason:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The scan status reason to filter on.
scanType:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Inspector scan types to return coverage statistics for.
groupBy:
description: The value to group the results by.
type: string
enum:
- SCAN_STATUS_CODE
- SCAN_STATUS_REASON
- ACCOUNT_ID
- RESOURCE_TYPE
- ECR_REPOSITORY_NAME
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
summary: Amazon Inspector List Coverage Statistics
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/delegatedadminaccounts/list:
post:
operationId: ListDelegatedAdminAccounts
description: Lists information about the Amazon Inspector delegated administrator of your organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListDelegatedAdminAccountsResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 5
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
summary: Amazon Inspector List Delegated Admin Accounts
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/filters/list:
post:
operationId: ListFilters
description: Lists the filters associated with your account.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListFiltersResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
action:
description: The action the filter applies to matched findings.
type: string
enum:
- NONE
- SUPPRESS
arns:
description: The Amazon resource number (ARN) of the filter.
type: array
items:
$ref: '#/components/schemas/FilterArn'
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 100
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
summary: Amazon Inspector List Filters
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/findings/aggregation/list:
post:
operationId: ListFindingAggregations
description: Lists aggregated finding data for your environment based on specific criteria.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListFindingAggregationsResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'482':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- aggregationType
properties:
accountIds:
description: The Amazon Web Services account IDs to retrieve finding aggregation data for.
type: array
items:
$ref: '#/components/schemas/StringFilter'
minItems: 1
maxItems: 10
aggregationRequest:
description: Contains details about an aggregation request.
type: object
properties:
accountAggregation:
allOf:
- $ref: '#/components/schemas/AccountAggregation'
- description: An object that contains details about an aggregation request based on Amazon Web Services account IDs.
amiAggregation:
allOf:
- $ref: '#/components/schemas/AmiAggregation'
- description: An object that contains details about an aggregation request based on Amazon Machine Images (AMIs).
awsEcrContainerAggregation:
allOf:
- $ref: '#/components/schemas/AwsEcrContainerAggregation'
- description: An object that contains details about an aggregation request based on Amazon ECR container images.
ec2InstanceAggregation:
allOf:
- $ref: '#/components/schemas/Ec2InstanceAggregation'
- description: An object that contains details about an aggregation request based on Amazon EC2 instances.
findingTypeAggregation:
allOf:
- $ref: '#/components/schemas/FindingTypeAggregation'
- description: An object that contains details about an aggregation request based on finding types.
imageLayerAggregation:
allOf:
- $ref: '#/components/schemas/ImageLayerAggregation'
- description: An object that contains details about an aggregation request based on container image layers.
lambdaFunctionAggregation:
allOf:
- $ref: '#/components/schemas/LambdaFunctionAggregation'
- description: Returns an object with findings aggregated by AWS Lambda function.
lambdaLayerAggregation:
allOf:
- $ref: '#/components/schemas/LambdaLayerAggregation'
- description: Returns an object with findings aggregated by AWS Lambda layer.
packageAggregation:
allOf:
- $ref: '#/components/schemas/PackageAggregation'
- description: An object that contains details about an aggregation request based on operating system package type.
repositoryAggregation:
allOf:
- $ref: '#/components/schemas/RepositoryAggregation'
- description: An object that contains details about an aggregation request based on Amazon ECR repositories.
titleAggregation:
allOf:
- $ref: '#/components/schemas/TitleAggregation'
- description: An object that contains details about an aggregation request based on finding title.
aggregationType:
description: The type of the aggregation request.
type: string
enum:
- FINDING_TYPE
- PACKAGE
- TITLE
- REPOSITORY
- AMI
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER
- IMAGE_LAYER
- ACCOUNT
- AWS_LAMBDA_FUNCTION
- LAMBDA_LAYER
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 100
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
summary: Amazon Inspector List Finding Aggregations
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/findings/list:
post:
operationId: ListFindings
description: Lists findings for your environment.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListFindingsResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'482':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
filterCriteria:
description: Details on the criteria used to define the filter.
type: object
properties:
awsAccountId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon Web Services account IDs used to filter findings.
codeVulnerabilityDetectorName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.
codeVulnerabilityDetectorTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list
of available tags by programming language, see Java tags, or Python
tags. '
codeVulnerabilityFilePath:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.
componentId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component IDs used to filter findings.
componentType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component types used to filter findings.
ec2InstanceImageId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance image IDs used to filter findings.
ec2InstanceSubnetId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance subnet IDs used to filter findings.
ec2InstanceVpcId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance VPC IDs used to filter findings.
ecrImageArchitecture:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image architecture types used to filter findings.
ecrImageHash:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image hashes used to filter findings.
ecrImagePushedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the Amazon ECR image push date and time used to filter findings.
ecrImageRegistry:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the Amazon ECR registry used to filter findings.
ecrImageRepositoryName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the name of the Amazon ECR repository used to filter findings.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The tags attached to the Amazon ECR container image.
epssScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The EPSS score used to filter findings.
exploitAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda findings by the availability of exploits.
findingArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding ARNs used to filter findings.
findingStatus:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding status types used to filter findings.
findingType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding types used to filter findings.
firstObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was first seen used to filter findings.
fixAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL
fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.'
inspectorScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The Amazon Inspector score to filter on.
lambdaFunctionExecutionRoleArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by execution role.
lambdaFunctionLastModifiedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: 'Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO
8601 format '
lambdaFunctionLayers:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Filters the list of AWS Lambda functions by the function''s layers. A Lambda function
can have up to five layers.'
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the name of the function.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
lastObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last seen used to filter findings.
networkProtocol:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on network protocol used to filter findings.
portRange:
allOf:
- $ref: '#/components/schemas/PortRangeFilterList'
- description: Details on the port ranges used to filter findings.
relatedVulnerabilities:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the related vulnerabilities used to filter findings.
resourceId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource IDs used to filter findings.
resourceTags:
allOf:
- $ref: '#/components/schemas/MapFilterList'
- description: Details on the resource tags used to filter findings.
resourceType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource types used to filter findings.
severity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the severity used to filter findings.
title:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding title used to filter findings.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last updated at used to filter findings.
vendorSeverity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vendor severity used to filter findings.
vulnerabilityId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability ID used to filter findings.
vulnerabilitySource:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability type used to filter findings.
vulnerablePackages:
allOf:
- $ref: '#/components/schemas/PackageFilterList'
- description: Details on the vulnerable packages used to filter findings.
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 100
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
sortCriteria:
description: Details about the criteria used to sort finding results.
type: object
properties:
field:
allOf:
- $ref: '#/components/schemas/SortField'
- description: The finding detail field by which results are sorted.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order by which findings are sorted.
summary: Amazon Inspector List Findings
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/members/list:
post:
operationId: ListMembers
description: List members associated with the Amazon Inspector delegated administrator for your organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListMembersResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 50
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
onlyAssociated:
description: Specifies whether to list only currently associated members if True or to list all members within the organization if False.
type: boolean
summary: Amazon Inspector List Members
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
'/tags/{resourceArn}':
get:
operationId: ListTagsForResource
description: Lists all tags attached to a given resource.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListTagsForResourceResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: resourceArn
in: path
required: true
description: The Amazon resource number (ARN) of the resource to list tags of.
schema:
type: string
minLength: 1
maxLength: 1011
summary: Amazon Inspector List Tags for Resource
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
post:
operationId: TagResource
description: Adds tags to a resource.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/TagResourceResponse'
'480':
description: BadRequestException
content:
application/json:
schema:
$ref: '#/components/schemas/BadRequestException'
'481':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: resourceArn
in: path
required: true
description: The Amazon Resource Name (ARN) of the resource to apply a tag to.
schema:
type: string
minLength: 1
maxLength: 1011
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- tags
properties:
tags:
description: The tags to be added to a resource.
type: object
additionalProperties:
$ref: '#/components/schemas/MapValue'
summary: Amazon Inspector Tag Resource
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/usage/list:
post:
operationId: ListUsageTotals
description: Lists the Amazon Inspector usage totals over the last 30 days.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ListUsageTotalsResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: maxResults
in: query
schema:
type: string
description: Pagination limit
required: false
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
accountIds:
description: The Amazon Web Services account IDs to retrieve usage totals for.
type: array
items:
$ref: '#/components/schemas/UsageAccountId'
minItems: 1
maxItems: 7000
maxResults:
description: The maximum number of results to return in the response.
type: integer
minimum: 1
maximum: 500
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 1
summary: Amazon Inspector List Usage Totals
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/encryptionkey/reset:
put:
operationId: ResetEncryptionKey
description: Resets an encryption key. After the key is reset your resources will be encrypted by an Amazon Web Services owned key.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/ResetEncryptionKeyResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- resourceType
- scanType
properties:
resourceType:
description: The resource type the key encrypts.
type: string
enum:
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER_IMAGE
- AWS_ECR_REPOSITORY
- AWS_LAMBDA_FUNCTION
scanType:
description: The scan type the key encrypts.
type: string
enum:
- NETWORK
- PACKAGE
- CODE
summary: Amazon Inspector Reset Encryption Key
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/vulnerabilities/search:
post:
operationId: SearchVulnerabilities
description: Lists Amazon Inspector coverage details for a specific vulnerability.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/SearchVulnerabilitiesResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: nextToken
in: query
schema:
type: string
description: Pagination token
required: false
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- filterCriteria
properties:
filterCriteria:
description: 'Details on the criteria used to define the filter for a vulnerability search. '
type: object
properties:
vulnerabilityIds:
allOf:
- $ref: '#/components/schemas/VulnIdList'
- description: The IDs for specific vulnerabilities.
nextToken:
description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls,
use the NextToken value returned from the previous request to continue listing results after the first page.'
type: string
minLength: 0
maxLength: 1000000
summary: Amazon Inspector Search Vulnerabilities
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
'/tags/{resourceArn}#tagKeys':
delete:
operationId: UntagResource
description: Removes tags from a resource.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/UntagResourceResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters:
- name: resourceArn
in: path
required: true
description: The Amazon Resource Name (ARN) for the resource to remove tags from.
schema:
type: string
minLength: 1
maxLength: 1011
- name: tagKeys
in: query
required: true
description: The tag keys to remove from the resource.
schema:
type: array
items:
$ref: '#/components/schemas/TagKey'
minItems: 0
maxItems: 50
summary: Amazon Inspector Untag Resource
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/configuration/update:
post:
operationId: UpdateConfiguration
description: Updates setting configurations for your Amazon Inspector account. When you use this API as an Amazon Inspector delegated administrator this updates the setting for all accounts you
manage. Member accounts in an organization cannot update this setting.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateConfigurationResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- ecrConfiguration
properties:
ecrConfiguration:
description: Details about the ECR automated re-scan duration setting for your environment.
type: object
properties:
rescanDuration:
allOf:
- $ref: '#/components/schemas/EcrRescanDuration'
- description: The ECR automated re-scan duration defines how long an ECR image will be actively scanned by Amazon Inspector. When the number of days since an image was last
pushed exceeds the automated re-scan duration the monitoring state of that image becomes inactive and all associated findings are scheduled for closure.
summary: Amazon Inspector Update Configuration
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/ec2deepinspectionconfiguration/update:
post:
operationId: UpdateEc2DeepInspectionConfiguration
description: 'Activates, deactivates Amazon Inspector deep inspection, or updates custom paths for your account. '
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateEc2DeepInspectionConfigurationResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
properties:
activateDeepInspection:
description: 'Specify TRUE to activate Amazon Inspector deep inspection in your account, or FALSE to deactivate. Member accounts in an organization cannot deactivate
deep inspection, instead the delegated administrator for the organization can deactivate a member account using BatchUpdateMemberEc2DeepInspectionStatus.'
type: boolean
packagePaths:
description: The Amazon Inspector deep inspection custom paths you are adding for your account.
type: array
items:
$ref: '#/components/schemas/Path'
minItems: 0
maxItems: 5
summary: Amazon Inspector Update Ec2 Deep Inspection Configuration
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/encryptionkey/update:
put:
operationId: UpdateEncryptionKey
description: Updates an encryption key. A ResourceNotFoundException means that an AWS owned key is being used for encryption.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateEncryptionKeyResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- kmsKeyId
- resourceType
- scanType
properties:
kmsKeyId:
description: A KMS key ID for the encryption key.
type: string
pattern: '^arn:aws(-(us-gov|cn))?:kms:([a-z0-9][-.a-z0-9]{0,62})?:[0-9]{12}?:key/(([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})|(mrk-[0-9a-zA-Z]{32}))$'
resourceType:
description: The resource type for the encryption key.
type: string
enum:
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER_IMAGE
- AWS_ECR_REPOSITORY
- AWS_LAMBDA_FUNCTION
scanType:
description: The scan type for the encryption key.
type: string
enum:
- NETWORK
- PACKAGE
- CODE
summary: Amazon Inspector Update Encryption Key
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/filters/update:
post:
operationId: UpdateFilter
description: Specifies the action that is to be applied to the findings that match the filter.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateFilterResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ResourceNotFoundException
content:
application/json:
schema:
$ref: '#/components/schemas/ResourceNotFoundException'
'483':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'484':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- filterArn
properties:
action:
description: Specifies the action that is to be applied to the findings that match the filter.
type: string
enum:
- NONE
- SUPPRESS
description:
description: A description of the filter.
type: string
minLength: 1
maxLength: 512
filterArn:
description: The Amazon Resource Number (ARN) of the filter to update.
type: string
minLength: 1
maxLength: 128
filterCriteria:
description: Details on the criteria used to define the filter.
type: object
properties:
awsAccountId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon Web Services account IDs used to filter findings.
codeVulnerabilityDetectorName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.
codeVulnerabilityDetectorTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list
of available tags by programming language, see Java tags, or Python
tags. '
codeVulnerabilityFilePath:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.
componentId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component IDs used to filter findings.
componentType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component types used to filter findings.
ec2InstanceImageId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance image IDs used to filter findings.
ec2InstanceSubnetId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance subnet IDs used to filter findings.
ec2InstanceVpcId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance VPC IDs used to filter findings.
ecrImageArchitecture:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image architecture types used to filter findings.
ecrImageHash:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image hashes used to filter findings.
ecrImagePushedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the Amazon ECR image push date and time used to filter findings.
ecrImageRegistry:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the Amazon ECR registry used to filter findings.
ecrImageRepositoryName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the name of the Amazon ECR repository used to filter findings.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The tags attached to the Amazon ECR container image.
epssScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The EPSS score used to filter findings.
exploitAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda findings by the availability of exploits.
findingArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding ARNs used to filter findings.
findingStatus:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding status types used to filter findings.
findingType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding types used to filter findings.
firstObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was first seen used to filter findings.
fixAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL
fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.'
inspectorScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The Amazon Inspector score to filter on.
lambdaFunctionExecutionRoleArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by execution role.
lambdaFunctionLastModifiedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: 'Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO
8601 format '
lambdaFunctionLayers:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Filters the list of AWS Lambda functions by the function''s layers. A Lambda function
can have up to five layers.'
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the name of the function.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
lastObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last seen used to filter findings.
networkProtocol:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on network protocol used to filter findings.
portRange:
allOf:
- $ref: '#/components/schemas/PortRangeFilterList'
- description: Details on the port ranges used to filter findings.
relatedVulnerabilities:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the related vulnerabilities used to filter findings.
resourceId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource IDs used to filter findings.
resourceTags:
allOf:
- $ref: '#/components/schemas/MapFilterList'
- description: Details on the resource tags used to filter findings.
resourceType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource types used to filter findings.
severity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the severity used to filter findings.
title:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding title used to filter findings.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last updated at used to filter findings.
vendorSeverity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vendor severity used to filter findings.
vulnerabilityId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability ID used to filter findings.
vulnerabilitySource:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability type used to filter findings.
vulnerablePackages:
allOf:
- $ref: '#/components/schemas/PackageFilterList'
- description: Details on the vulnerable packages used to filter findings.
name:
description: The name of the filter.
type: string
minLength: 1
maxLength: 128
reason:
description: The reason the filter was updated.
type: string
minLength: 1
maxLength: 512
summary: Amazon Inspector Update Filter
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/ec2deepinspectionconfiguration/org/update:
post:
operationId: UpdateOrgEc2DeepInspectionConfiguration
description: Updates the Amazon Inspector deep inspection custom paths for your organization. You must be an Amazon Inspector delegated administrator to use this API.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateOrgEc2DeepInspectionConfigurationResponse'
'480':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'481':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- orgPackagePaths
properties:
orgPackagePaths:
description: The Amazon Inspector deep inspection custom paths you are adding for your organization.
type: array
items:
$ref: '#/components/schemas/Path'
minItems: 0
maxItems: 5
summary: Amazon Inspector Update Org Ec2 Deep Inspection Configuration
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
/organizationconfiguration/update:
post:
operationId: UpdateOrganizationConfiguration
description: Updates the configurations for your Amazon Inspector organization.
responses:
'200':
description: Success
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateOrganizationConfigurationResponse'
'480':
description: AccessDeniedException
content:
application/json:
schema:
$ref: '#/components/schemas/AccessDeniedException'
'481':
description: ValidationException
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationException'
'482':
description: ThrottlingException
content:
application/json:
schema:
$ref: '#/components/schemas/ThrottlingException'
'483':
description: InternalServerException
content:
application/json:
schema:
$ref: '#/components/schemas/InternalServerException'
parameters: []
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- autoEnable
properties:
autoEnable:
description: Represents which scan types are automatically enabled for new members of your Amazon Inspector organization.
type: object
properties:
ec2:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
ecr:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
lambda:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: 'Represents whether AWS Lambda standard scans are automatically enabled for new members of your Amazon Inspector organization. '
lambdaCode:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Represents whether AWS Lambda code scans are automatically enabled for new members of your Amazon Inspector organization. </p>
summary: Amazon Inspector Update Organization Configuration
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
parameters:
- $ref: '#/components/parameters/X-Amz-Content-Sha256'
- $ref: '#/components/parameters/X-Amz-Date'
- $ref: '#/components/parameters/X-Amz-Algorithm'
- $ref: '#/components/parameters/X-Amz-Credential'
- $ref: '#/components/parameters/X-Amz-Security-Token'
- $ref: '#/components/parameters/X-Amz-Signature'
- $ref: '#/components/parameters/X-Amz-SignedHeaders'
components:
parameters:
X-Amz-Content-Sha256:
name: X-Amz-Content-Sha256
in: header
schema:
type: string
required: false
X-Amz-Date:
name: X-Amz-Date
in: header
schema:
type: string
required: false
X-Amz-Algorithm:
name: X-Amz-Algorithm
in: header
schema:
type: string
required: false
X-Amz-Credential:
name: X-Amz-Credential
in: header
schema:
type: string
required: false
X-Amz-Security-Token:
name: X-Amz-Security-Token
in: header
schema:
type: string
required: false
X-Amz-Signature:
name: X-Amz-Signature
in: header
schema:
type: string
required: false
X-Amz-SignedHeaders:
name: X-Amz-SignedHeaders
in: header
schema:
type: string
required: false
securitySchemes:
hmac:
type: apiKey
name: Authorization
in: header
description: Amazon Signature authorization v4
x-amazon-apigateway-authtype: awsSigv4
schemas:
AssociateMemberResponse:
type: object
required:
- accountId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the successfully associated member account.
ValidationException: {}
AccessDeniedException: {}
ThrottlingException: {}
InternalServerException: {}
BatchGetAccountStatusResponse:
type: object
required:
- accounts
properties:
accounts:
allOf:
- $ref: '#/components/schemas/AccountStateList'
- description: An array of objects that provide details on the status of Amazon Inspector for each of the requested accounts.
failedAccounts:
allOf:
- $ref: '#/components/schemas/FailedAccountList'
- description: An array of objects detailing any accounts that failed to enable Amazon Inspector and why.
AccountId:
type: string
pattern: '^\d{12}$'
minLength: 12
maxLength: 12
ResourceNotFoundException: {}
BatchGetCodeSnippetResponse:
type: object
properties:
codeSnippetResults:
allOf:
- $ref: '#/components/schemas/CodeSnippetResultList'
- description: The retrieved code snippets associated with the provided finding ARNs.
errors:
allOf:
- $ref: '#/components/schemas/CodeSnippetErrorList'
- description: Any errors Amazon Inspector encountered while trying to retrieve the requested code snippets.
FindingArn:
type: string
pattern: '^arn:(aws[a-zA-Z-]*)?:inspector2:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:finding/[a-f0-9]{32}$'
minLength: 1
maxLength: 100
BatchGetFindingDetailsResponse:
type: object
properties:
errors:
allOf:
- $ref: '#/components/schemas/FindingDetailsErrorList'
- description: Error information for findings that details could not be returned for.
findingDetails:
allOf:
- $ref: '#/components/schemas/FindingDetails'
- description: A finding's vulnerability details.
BatchGetFreeTrialInfoResponse:
type: object
required:
- accounts
- failedAccounts
properties:
accounts:
allOf:
- $ref: '#/components/schemas/FreeTrialAccountInfoList'
- description: 'An array of objects that provide Amazon Inspector free trial details for each of the requested accounts. '
failedAccounts:
allOf:
- $ref: '#/components/schemas/FreeTrialInfoErrorList'
- description: An array of objects detailing any accounts that free trial data could not be returned for.
MeteringAccountId:
type: string
pattern: '[0-9]{12}'
BatchGetMemberEc2DeepInspectionStatusResponse:
type: object
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/MemberAccountEc2DeepInspectionStatusStateList'
- description: An array of objects that provide details on the activation status of Amazon Inspector deep inspection for each of the requested accounts. </p>
failedAccountIds:
allOf:
- $ref: '#/components/schemas/FailedMemberAccountEc2DeepInspectionStatusStateList'
- description: An array of objects that provide details on any accounts that failed to activate Amazon Inspector deep inspection and why. </p>
BatchUpdateMemberEc2DeepInspectionStatusResponse:
type: object
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/MemberAccountEc2DeepInspectionStatusStateList'
- description: 'An array of objects that provide details for each of the accounts that Amazon Inspector deep inspection status was successfully changed for. '
failedAccountIds:
allOf:
- $ref: '#/components/schemas/FailedMemberAccountEc2DeepInspectionStatusStateList'
- description: 'An array of objects that provide details for each of the accounts that Amazon Inspector deep inspection status could not be successfully changed for. '
MemberAccountEc2DeepInspectionStatus:
type: object
required:
- accountId
- activateDeepInspection
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The unique identifier for the Amazon Web Services account of the organization member.
activateDeepInspection:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: 'Whether Amazon Inspector deep inspection is active in the account. If TRUE Amazon Inspector deep inspection is active, if FALSE it is not active.'
description: An object that contains details about the status of Amazon Inspector deep inspection for a member account in your organization.
CancelFindingsReportResponse:
type: object
required:
- reportId
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The ID of the canceled report.
CancelSbomExportResponse:
type: object
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The report ID of the canceled SBOM export.
CreateFilterResponse:
type: object
required:
- arn
properties:
arn:
allOf:
- $ref: '#/components/schemas/FilterArn'
- description: The Amazon Resource Number (ARN) of the successfully created filter.
StringFilterList:
type: array
items:
$ref: '#/components/schemas/StringFilter'
minItems: 1
maxItems: 10
DateFilterList:
type: array
items:
$ref: '#/components/schemas/DateFilter'
minItems: 1
maxItems: 10
NumberFilterList:
type: array
items:
$ref: '#/components/schemas/NumberFilter'
minItems: 1
maxItems: 10
PortRangeFilterList:
type: array
items:
$ref: '#/components/schemas/PortRangeFilter'
minItems: 1
maxItems: 10
MapFilterList:
type: array
items:
$ref: '#/components/schemas/MapFilter'
minItems: 1
maxItems: 10
PackageFilterList:
type: array
items:
$ref: '#/components/schemas/PackageFilter'
minItems: 1
maxItems: 10
MapValue:
type: string
minLength: 0
maxLength: 256
ServiceQuotaExceededException: {}
BadRequestException: {}
CreateFindingsReportResponse:
type: object
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The ID of the report.
String:
type: string
CreateSbomExportResponse:
type: object
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The report ID for the software bill of materials (SBOM) report.
ResourceStringFilterList:
type: array
items:
$ref: '#/components/schemas/ResourceStringFilter'
minItems: 1
maxItems: 10
ResourceMapFilterList:
type: array
items:
$ref: '#/components/schemas/ResourceMapFilter'
minItems: 1
maxItems: 10
DeleteFilterResponse:
type: object
required:
- arn
properties:
arn:
allOf:
- $ref: '#/components/schemas/FilterArn'
- description: The Amazon Resource Number (ARN) of the filter that has been deleted.
DescribeOrganizationConfigurationResponse:
type: object
properties:
autoEnable:
allOf:
- $ref: '#/components/schemas/AutoEnable'
- description: The scan types are automatically enabled for new members of your organization.
maxAccountLimitReached:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Represents whether your organization has reached the maximum Amazon Web Services account limit for Amazon Inspector.
DisableResponse:
type: object
required:
- accounts
properties:
accounts:
allOf:
- $ref: '#/components/schemas/AccountList'
- description: Information on the accounts that have had Amazon Inspector scans successfully disabled. Details are provided for each account.
failedAccounts:
allOf:
- $ref: '#/components/schemas/FailedAccountList'
- description: Information on any accounts for which Amazon Inspector scans could not be disabled. Details are provided for each account.
ResourceScanType:
type: string
enum:
- EC2
- ECR
- LAMBDA
- LAMBDA_CODE
DisableDelegatedAdminAccountResponse:
type: object
required:
- delegatedAdminAccountId
properties:
delegatedAdminAccountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the successfully disabled delegated administrator.
ConflictException: {}
DisassociateMemberResponse:
type: object
required:
- accountId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the successfully disassociated member.
EnableResponse:
type: object
required:
- accounts
properties:
accounts:
allOf:
- $ref: '#/components/schemas/AccountList'
- description: Information on the accounts that have had Amazon Inspector scans successfully enabled. Details are provided for each account.
failedAccounts:
allOf:
- $ref: '#/components/schemas/FailedAccountList'
- description: Information on any accounts for which Amazon Inspector scans could not be enabled. Details are provided for each account.
EnableDelegatedAdminAccountResponse:
type: object
required:
- delegatedAdminAccountId
properties:
delegatedAdminAccountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the successfully Amazon Inspector delegated administrator.
GetConfigurationResponse:
type: object
properties:
ecrConfiguration:
allOf:
- $ref: '#/components/schemas/EcrConfigurationState'
- description: Specifies how the ECR automated re-scan duration is currently configured for your environment.
GetDelegatedAdminAccountResponse:
type: object
properties:
delegatedAdmin:
allOf:
- $ref: '#/components/schemas/DelegatedAdmin'
- description: The Amazon Web Services account ID of the Amazon Inspector delegated administrator.
GetEc2DeepInspectionConfigurationResponse:
type: object
properties:
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: An error message explaining why Amazon Inspector deep inspection configurations could not be retrieved for your account.
orgPackagePaths:
allOf:
- $ref: '#/components/schemas/PathList'
- description: The Amazon Inspector deep inspection custom paths for your organization.
packagePaths:
allOf:
- $ref: '#/components/schemas/PathList'
- description: The Amazon Inspector deep inspection custom paths for your account.
status:
allOf:
- $ref: '#/components/schemas/Ec2DeepInspectionStatus'
- description: The activation status of Amazon Inspector deep inspection in your account.
GetEncryptionKeyResponse:
type: object
required:
- kmsKeyId
properties:
kmsKeyId:
allOf:
- $ref: '#/components/schemas/KmsKeyArn'
- description: A kms key ID.
GetFindingsReportStatusResponse:
type: object
properties:
destination:
allOf:
- $ref: '#/components/schemas/Destination'
- description: The destination of the report.
errorCode:
allOf:
- $ref: '#/components/schemas/ReportingErrorCode'
- description: The error code of the report.
errorMessage:
allOf:
- $ref: '#/components/schemas/ErrorMessage'
- description: The error message of the report.
filterCriteria:
allOf:
- $ref: '#/components/schemas/FilterCriteria'
- description: The filter criteria associated with the report.
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The ID of the report.
status:
allOf:
- $ref: '#/components/schemas/ExternalReportStatus'
- description: The status of the report.
GetMemberResponse:
type: object
properties:
member:
allOf:
- $ref: '#/components/schemas/Member'
- description: Details of the retrieved member account.
GetSbomExportResponse:
type: object
properties:
errorCode:
allOf:
- $ref: '#/components/schemas/ReportingErrorCode'
- description: An error code.
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: An error message.
filterCriteria:
allOf:
- $ref: '#/components/schemas/ResourceFilterCriteria'
- description: Contains details about the resource filter criteria used for the software bill of materials (SBOM) report.
format:
allOf:
- $ref: '#/components/schemas/SbomReportFormat'
- description: The format of the software bill of materials (SBOM) report.
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The report ID of the software bill of materials (SBOM) report.
s3Destination:
$ref: '#/components/schemas/Destination'
status:
allOf:
- $ref: '#/components/schemas/ExternalReportStatus'
- description: The status of the software bill of materials (SBOM) report.
ListAccountPermissionsResponse:
type: object
required:
- permissions
properties:
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
permissions:
allOf:
- $ref: '#/components/schemas/Permissions'
- description: Contains details on the permissions an account has to configure Amazon Inspector.
ListCoverageResponse:
type: object
properties:
coveredResources:
allOf:
- $ref: '#/components/schemas/CoveredResources'
- description: An object that contains details on the covered resources in your environment.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
CoverageStringFilterList:
type: array
items:
$ref: '#/components/schemas/CoverageStringFilter'
minItems: 1
maxItems: 10
CoverageMapFilterList:
type: array
items:
$ref: '#/components/schemas/CoverageMapFilter'
minItems: 1
maxItems: 10
CoverageDateFilterList:
type: array
items:
$ref: '#/components/schemas/CoverageDateFilter'
minItems: 1
maxItems: 10
ListCoverageStatisticsResponse:
type: object
required:
- totalCounts
properties:
countsByGroup:
allOf:
- $ref: '#/components/schemas/CountsList'
- description: An array with the number for each group.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
totalCounts:
allOf:
- $ref: '#/components/schemas/Long'
- description: The total number for all groups.
ListDelegatedAdminAccountsResponse:
type: object
properties:
delegatedAdminAccounts:
allOf:
- $ref: '#/components/schemas/DelegatedAdminAccountList'
- description: Details of the Amazon Inspector delegated administrator of your organization.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
ListFiltersResponse:
type: object
required:
- filters
properties:
filters:
allOf:
- $ref: '#/components/schemas/FilterList'
- description: Contains details on the filters associated with your account.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
FilterArn:
type: string
minLength: 1
maxLength: 128
ListFindingAggregationsResponse:
type: object
required:
- aggregationType
properties:
aggregationType:
allOf:
- $ref: '#/components/schemas/AggregationType'
- description: The type of aggregation to perform.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
responses:
allOf:
- $ref: '#/components/schemas/AggregationResponseList'
- description: Objects that contain the results of an aggregation operation.
StringFilter:
type: object
required:
- comparison
- value
properties:
comparison:
allOf:
- $ref: '#/components/schemas/StringComparison'
- description: The operator to use when comparing values in the filter.
value:
allOf:
- $ref: '#/components/schemas/StringInput'
- description: The value to filter on.
description: An object that describes the details of a string filter.
AccountAggregation:
type: object
properties:
findingType:
allOf:
- $ref: '#/components/schemas/AggregationFindingType'
- description: The type of finding.
resourceType:
allOf:
- $ref: '#/components/schemas/AggregationResourceType'
- description: The type of resource.
sortBy:
allOf:
- $ref: '#/components/schemas/AccountSortBy'
- description: The value to sort by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The sort order (ascending or descending).
description: An object that contains details about an aggregation response based on Amazon Web Services accounts.
AmiAggregation:
type: object
properties:
amis:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The IDs of AMIs to aggregate findings for.
sortBy:
allOf:
- $ref: '#/components/schemas/AmiSortBy'
- description: The value to sort results by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to sort results by.
description: The details that define an aggregation based on Amazon machine images (AMIs).
AwsEcrContainerAggregation:
type: object
properties:
architectures:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The architecture of the containers.
imageShas:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The image SHA values.
imageTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The image tags.
repositories:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The container repositories.
resourceIds:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The container resource IDs.
sortBy:
allOf:
- $ref: '#/components/schemas/AwsEcrContainerSortBy'
- description: The value to sort by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The sort order (ascending or descending).
description: An aggregation of information about Amazon ECR containers.
Ec2InstanceAggregation:
type: object
properties:
amis:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The AMI IDs associated with the Amazon EC2 instances to aggregate findings for.
instanceIds:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The Amazon EC2 instance IDs to aggregate findings for.
instanceTags:
allOf:
- $ref: '#/components/schemas/MapFilterList'
- description: The Amazon EC2 instance tags to aggregate findings for.
operatingSystems:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'The operating system types to aggregate findings for. Valid values must be uppercase and underscore separated, examples are ORACLE_LINUX_7 and ALPINE_LINUX_3_8.'
sortBy:
allOf:
- $ref: '#/components/schemas/Ec2InstanceSortBy'
- description: The value to sort results by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to sort results by.
description: The details that define an aggregation based on Amazon EC2 instances.
FindingTypeAggregation:
type: object
properties:
findingType:
allOf:
- $ref: '#/components/schemas/AggregationFindingType'
- description: The finding type to aggregate.
resourceType:
allOf:
- $ref: '#/components/schemas/AggregationResourceType'
- description: The resource type to aggregate.
sortBy:
allOf:
- $ref: '#/components/schemas/FindingTypeSortBy'
- description: The value to sort results by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to sort results by.
description: The details that define an aggregation based on finding type.
ImageLayerAggregation:
type: object
properties:
layerHashes:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The hashes associated with the layers.
repositories:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The repository associated with the container image hosting the layers.
resourceIds:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The ID of the container image layer.
sortBy:
allOf:
- $ref: '#/components/schemas/ImageLayerSortBy'
- description: The value to sort results by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to sort results by.
description: The details that define an aggregation based on container image layers.
LambdaFunctionAggregation:
type: object
properties:
functionNames:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The AWS Lambda function names to include in the aggregation results.
functionTags:
allOf:
- $ref: '#/components/schemas/MapFilterList'
- description: The tags to include in the aggregation results.
resourceIds:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The resource IDs to include in the aggregation results.
runtimes:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Returns findings aggregated by AWS Lambda function runtime environments.
sortBy:
allOf:
- $ref: '#/components/schemas/LambdaFunctionSortBy'
- description: The finding severity to use for sorting the results.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to use for sorting the results.
description: The details that define a findings aggregation based on AWS Lambda functions.
LambdaLayerAggregation:
type: object
properties:
functionNames:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The names of the AWS Lambda functions associated with the layers.
layerArns:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'The Amazon Resource Name (ARN) of the AWS Lambda function layer. '
resourceIds:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The resource IDs for the AWS Lambda function layers.
sortBy:
allOf:
- $ref: '#/components/schemas/LambdaLayerSortBy'
- description: The finding severity to use for sorting the results.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to use for sorting the results.
description: The details that define a findings aggregation based on an AWS Lambda function's layers.
PackageAggregation:
type: object
properties:
packageNames:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The names of packages to aggregate findings on.
sortBy:
allOf:
- $ref: '#/components/schemas/PackageSortBy'
- description: The value to sort results by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to sort results by.
description: The details that define an aggregation based on operating system package type.
RepositoryAggregation:
type: object
properties:
repositories:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The names of repositories to aggregate findings on.
sortBy:
allOf:
- $ref: '#/components/schemas/RepositorySortBy'
- description: The value to sort results by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to sort results by.
description: The details that define an aggregation based on repository.
TitleAggregation:
type: object
properties:
findingType:
allOf:
- $ref: '#/components/schemas/AggregationFindingType'
- description: The type of finding to aggregate on.
resourceType:
allOf:
- $ref: '#/components/schemas/AggregationResourceType'
- description: The resource type to aggregate on.
sortBy:
allOf:
- $ref: '#/components/schemas/TitleSortBy'
- description: The value to sort results by.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order to sort results by.
titles:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The finding titles to aggregate on.
vulnerabilityIds:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The vulnerability IDs of the findings.
description: The details that define an aggregation based on finding title.
ListFindingsResponse:
type: object
properties:
findings:
allOf:
- $ref: '#/components/schemas/FindingList'
- description: Contains details on the findings in your environment.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
SortField:
type: string
enum:
- AWS_ACCOUNT_ID
- FINDING_TYPE
- SEVERITY
- FIRST_OBSERVED_AT
- LAST_OBSERVED_AT
- FINDING_STATUS
- RESOURCE_TYPE
- ECR_IMAGE_PUSHED_AT
- ECR_IMAGE_REPOSITORY_NAME
- ECR_IMAGE_REGISTRY
- NETWORK_PROTOCOL
- COMPONENT_TYPE
- VULNERABILITY_ID
- VULNERABILITY_SOURCE
- INSPECTOR_SCORE
- VENDOR_SEVERITY
- EPSS_SCORE
SortOrder:
type: string
enum:
- ASC
- DESC
ListMembersResponse:
type: object
properties:
members:
allOf:
- $ref: '#/components/schemas/MemberList'
- description: An object that contains details for each member account.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: The pagination parameter to be used on the next list operation to retrieve more items.
ListTagsForResourceResponse:
type: object
properties:
tags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The tags associated with the resource.
ListUsageTotalsResponse:
type: object
properties:
nextToken:
allOf:
- $ref: '#/components/schemas/ListUsageTotalsNextToken'
- description: The pagination parameter to be used on the next list operation to retrieve more items.
totals:
allOf:
- $ref: '#/components/schemas/UsageTotalList'
- description: An object with details on the total usage for the requested account.
UsageAccountId:
type: string
pattern: '[0-9]{12}'
ResetEncryptionKeyResponse:
type: object
properties: {}
SearchVulnerabilitiesResponse:
type: object
required:
- vulnerabilities
properties:
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: The pagination parameter to be used on the next list operation to retrieve more items.
vulnerabilities:
allOf:
- $ref: '#/components/schemas/Vulnerabilities'
- description: Details about the listed vulnerability.
VulnIdList:
type: array
items:
$ref: '#/components/schemas/VulnId'
minItems: 1
maxItems: 1
TagResourceResponse:
type: object
properties: {}
UntagResourceResponse:
type: object
properties: {}
TagKey:
type: string
pattern: '^(?!aws:)[a-zA-Z+-=._:/]+$'
minLength: 1
maxLength: 128
UpdateConfigurationResponse:
type: object
properties: {}
EcrRescanDuration:
type: string
enum:
- LIFETIME
- DAYS_30
- DAYS_180
UpdateEc2DeepInspectionConfigurationResponse:
type: object
properties:
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: An error message explaining why new Amazon Inspector deep inspection custom paths could not be added.
orgPackagePaths:
allOf:
- $ref: '#/components/schemas/PathList'
- description: The current Amazon Inspector deep inspection custom paths for the organization.
packagePaths:
allOf:
- $ref: '#/components/schemas/PathList'
- description: The current Amazon Inspector deep inspection custom paths for your account.
status:
allOf:
- $ref: '#/components/schemas/Ec2DeepInspectionStatus'
- description: The status of Amazon Inspector deep inspection in your account.
Path:
type: string
pattern: '^(?:/(?:\.[-\w]+|[-\w]+(?:\.[-\w]+)?))+/?$'
minLength: 1
maxLength: 512
UpdateEncryptionKeyResponse:
type: object
properties: {}
UpdateFilterResponse:
type: object
required:
- arn
properties:
arn:
allOf:
- $ref: '#/components/schemas/FilterArn'
- description: The Amazon Resource Number (ARN) of the successfully updated filter.
UpdateOrgEc2DeepInspectionConfigurationResponse:
type: object
properties: {}
UpdateOrganizationConfigurationResponse:
type: object
required:
- autoEnable
properties:
autoEnable:
allOf:
- $ref: '#/components/schemas/AutoEnable'
- description: The updated status of scan types automatically enabled for new members of your Amazon Inspector organization.
Boolean:
type: boolean
ResourceStatus:
type: object
required:
- ec2
- ecr
properties:
ec2:
allOf:
- $ref: '#/components/schemas/Status'
- description: The status of Amazon Inspector scanning for Amazon EC2 resources.
ecr:
allOf:
- $ref: '#/components/schemas/Status'
- description: The status of Amazon Inspector scanning for Amazon ECR resources.
lambda:
allOf:
- $ref: '#/components/schemas/Status'
- description: The status of Amazon Inspector scanning for AWS Lambda function.
lambdaCode:
allOf:
- $ref: '#/components/schemas/Status'
- description: 'The status of Amazon Inspector scanning for custom application code for Amazon Web Services Lambda functions. '
description: Details the status of Amazon Inspector for each resource type Amazon Inspector scans.
Status:
type: string
enum:
- ENABLING
- ENABLED
- DISABLING
- DISABLED
- SUSPENDING
- SUSPENDED
Account:
type: object
required:
- accountId
- resourceStatus
- status
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The ID of the Amazon Web Services account.
resourceStatus:
allOf:
- $ref: '#/components/schemas/ResourceStatus'
- description: Details of the status of Amazon Inspector scans by resource type.
status:
allOf:
- $ref: '#/components/schemas/Status'
- description: The status of Amazon Inspector for the account.
description: An Amazon Web Services account within your environment that Amazon Inspector has been enabled for.
AggregationFindingType:
type: string
enum:
- NETWORK_REACHABILITY
- PACKAGE_VULNERABILITY
- CODE_VULNERABILITY
AggregationResourceType:
type: string
enum:
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER_IMAGE
- AWS_LAMBDA_FUNCTION
AccountSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
SeverityCounts:
type: object
properties:
all:
allOf:
- $ref: '#/components/schemas/Long'
- description: The total count of findings from all severities.
critical:
allOf:
- $ref: '#/components/schemas/Long'
- description: The total count of critical severity findings.
high:
allOf:
- $ref: '#/components/schemas/Long'
- description: The total count of high severity findings.
medium:
allOf:
- $ref: '#/components/schemas/Long'
- description: The total count of medium severity findings.
description: An object that contains the counts of aggregated finding per severity.
AccountAggregationResponse:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: The number of findings by severity.
description: An aggregation of findings by Amazon Web Services account ID.
AccountIdSet:
type: array
items:
$ref: '#/components/schemas/AccountId'
minItems: 0
maxItems: 100
AccountList:
type: array
items:
$ref: '#/components/schemas/Account'
ResourceState:
type: object
required:
- ec2
- ecr
properties:
ec2:
allOf:
- $ref: '#/components/schemas/State'
- description: An object detailing the state of Amazon Inspector scanning for Amazon EC2 resources.
ecr:
allOf:
- $ref: '#/components/schemas/State'
- description: An object detailing the state of Amazon Inspector scanning for Amazon ECR resources.
lambda:
$ref: '#/components/schemas/State'
lambdaCode:
$ref: '#/components/schemas/State'
description: Details the state of Amazon Inspector for each resource type Amazon Inspector scans.
State:
type: object
required:
- errorCode
- errorMessage
- status
properties:
errorCode:
allOf:
- $ref: '#/components/schemas/ErrorCode'
- description: The error code explaining why the account failed to enable Amazon Inspector.
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The error message received when the account failed to enable Amazon Inspector.
status:
allOf:
- $ref: '#/components/schemas/Status'
- description: The status of Amazon Inspector for the account.
description: An object that described the state of Amazon Inspector scans for an account.
AccountState:
type: object
required:
- accountId
- resourceState
- state
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID.
resourceState:
allOf:
- $ref: '#/components/schemas/ResourceState'
- description: An object detailing which resources Amazon Inspector is enabled to scan for the account.
state:
allOf:
- $ref: '#/components/schemas/State'
- description: An object detailing the status of Amazon Inspector for the account.
description: An object with details the status of an Amazon Web Services account within your Amazon Inspector environment.
AccountStateList:
type: array
items:
$ref: '#/components/schemas/AccountState'
minItems: 0
maxItems: 100
AggCounts:
type: integer
AggregationRequest:
type: object
properties:
accountAggregation:
allOf:
- $ref: '#/components/schemas/AccountAggregation'
- description: An object that contains details about an aggregation request based on Amazon Web Services account IDs.
amiAggregation:
allOf:
- $ref: '#/components/schemas/AmiAggregation'
- description: An object that contains details about an aggregation request based on Amazon Machine Images (AMIs).
awsEcrContainerAggregation:
allOf:
- $ref: '#/components/schemas/AwsEcrContainerAggregation'
- description: An object that contains details about an aggregation request based on Amazon ECR container images.
ec2InstanceAggregation:
allOf:
- $ref: '#/components/schemas/Ec2InstanceAggregation'
- description: An object that contains details about an aggregation request based on Amazon EC2 instances.
findingTypeAggregation:
allOf:
- $ref: '#/components/schemas/FindingTypeAggregation'
- description: An object that contains details about an aggregation request based on finding types.
imageLayerAggregation:
allOf:
- $ref: '#/components/schemas/ImageLayerAggregation'
- description: An object that contains details about an aggregation request based on container image layers.
lambdaFunctionAggregation:
allOf:
- $ref: '#/components/schemas/LambdaFunctionAggregation'
- description: Returns an object with findings aggregated by AWS Lambda function.
lambdaLayerAggregation:
allOf:
- $ref: '#/components/schemas/LambdaLayerAggregation'
- description: Returns an object with findings aggregated by AWS Lambda layer.
packageAggregation:
allOf:
- $ref: '#/components/schemas/PackageAggregation'
- description: An object that contains details about an aggregation request based on operating system package type.
repositoryAggregation:
allOf:
- $ref: '#/components/schemas/RepositoryAggregation'
- description: An object that contains details about an aggregation request based on Amazon ECR repositories.
titleAggregation:
allOf:
- $ref: '#/components/schemas/TitleAggregation'
- description: An object that contains details about an aggregation request based on finding title.
description: Contains details about an aggregation request.
AmiAggregationResponse:
type: object
required:
- ami
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID for the AMI.
affectedInstances:
allOf:
- $ref: '#/components/schemas/Long'
- description: The IDs of Amazon EC2 instances using this AMI.
ami:
allOf:
- $ref: '#/components/schemas/AmiId'
- description: The ID of the AMI that findings were aggregated for.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: An object that contains the count of matched findings per severity.
description: A response that contains the results of a finding aggregation by AMI.
AwsEcrContainerAggregationResponse:
type: object
required:
- resourceId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the account that owns the container.
architecture:
allOf:
- $ref: '#/components/schemas/String'
- description: The architecture of the container.
imageSha:
allOf:
- $ref: '#/components/schemas/String'
- description: The SHA value of the container image.
imageTags:
allOf:
- $ref: '#/components/schemas/StringList'
- description: The container image stags.
repository:
allOf:
- $ref: '#/components/schemas/String'
- description: The container repository.
resourceId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The resource ID of the container.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: The number of finding by severity.
description: An aggregation of information about Amazon ECR containers.
Ec2InstanceAggregationResponse:
type: object
required:
- instanceId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/String'
- description: The Amazon Web Services account for the Amazon EC2 instance.
ami:
allOf:
- $ref: '#/components/schemas/AmiId'
- description: The Amazon Machine Image (AMI) of the Amazon EC2 instance.
instanceId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The Amazon EC2 instance ID.
instanceTags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The tags attached to the instance.
networkFindings:
allOf:
- $ref: '#/components/schemas/Long'
- description: The number of network findings for the Amazon EC2 instance.
operatingSystem:
allOf:
- $ref: '#/components/schemas/String'
- description: The operating system of the Amazon EC2 instance.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: An object that contains the count of matched findings per severity.
description: A response that contains the results of a finding aggregation by Amazon EC2 instance.
FindingTypeAggregationResponse:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The ID of the Amazon Web Services account associated with the findings.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: The value to sort results by.
description: A response that contains the results of a finding type aggregation.
ImageLayerAggregationResponse:
type: object
required:
- accountId
- layerHash
- repository
- resourceId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The ID of the Amazon Web Services account that owns the container image hosting the layer image.
layerHash:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The layer hash.
repository:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The repository the layer resides in.
resourceId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The resource ID of the container image layer.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: An object that represents the count of matched findings per severity.
description: A response that contains the results of a finding aggregation by image layer.
LambdaFunctionAggregationResponse:
type: object
required:
- resourceId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: 'The ID of the AWS account that owns the AWS Lambda function. '
functionName:
allOf:
- $ref: '#/components/schemas/String'
- description: The AWS Lambda function names included in the aggregation results.
lambdaTags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The tags included in the aggregation results.
lastModifiedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date that the AWS Lambda function included in the aggregation results was last changed.
resourceId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The resource IDs included in the aggregation results.
runtime:
allOf:
- $ref: '#/components/schemas/String'
- description: The runtimes included in the aggregation results.
severityCounts:
$ref: '#/components/schemas/SeverityCounts'
description: A response that contains the results of an AWS Lambda function finding aggregation.
LambdaLayerAggregationResponse:
type: object
required:
- accountId
- functionName
- layerArn
- resourceId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The account ID of the AWS Lambda function layer.
functionName:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The names of the AWS Lambda functions associated with the layers.
layerArn:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The Amazon Resource Name (ARN) of the AWS Lambda function layer.
resourceId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The Resource ID of the AWS Lambda function layer.
severityCounts:
$ref: '#/components/schemas/SeverityCounts'
description: A response that contains the results of an AWS Lambda function layer finding aggregation.
PackageAggregationResponse:
type: object
required:
- packageName
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The ID of the Amazon Web Services account associated with the findings.
packageName:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The name of the operating system package.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: An object that contains the count of matched findings per severity.
description: A response that contains the results of a finding aggregation by image layer.
RepositoryAggregationResponse:
type: object
required:
- repository
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The ID of the Amazon Web Services account associated with the findings.
affectedImages:
allOf:
- $ref: '#/components/schemas/Long'
- description: The number of container images impacted by the findings.
repository:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The name of the repository associated with the findings.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: An object that represent the count of matched findings per severity.
description: A response that contains details on the results of a finding aggregation by repository.
TitleAggregationResponse:
type: object
required:
- title
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The ID of the Amazon Web Services account associated with the findings.
severityCounts:
allOf:
- $ref: '#/components/schemas/SeverityCounts'
- description: An object that represent the count of matched findings per severity.
title:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The title that the findings were aggregated on.
vulnerabilityId:
allOf:
- $ref: '#/components/schemas/String'
- description: The vulnerability ID of the finding.
description: A response that contains details on the results of a finding aggregation by title.
AggregationResponse:
type: object
properties:
accountAggregation:
allOf:
- $ref: '#/components/schemas/AccountAggregationResponse'
- description: An object that contains details about an aggregation response based on Amazon Web Services account IDs.
amiAggregation:
allOf:
- $ref: '#/components/schemas/AmiAggregationResponse'
- description: An object that contains details about an aggregation response based on Amazon Machine Images (AMIs).
awsEcrContainerAggregation:
allOf:
- $ref: '#/components/schemas/AwsEcrContainerAggregationResponse'
- description: An object that contains details about an aggregation response based on Amazon ECR container images.
ec2InstanceAggregation:
allOf:
- $ref: '#/components/schemas/Ec2InstanceAggregationResponse'
- description: An object that contains details about an aggregation response based on Amazon EC2 instances.
findingTypeAggregation:
allOf:
- $ref: '#/components/schemas/FindingTypeAggregationResponse'
- description: An object that contains details about an aggregation response based on finding types.
imageLayerAggregation:
allOf:
- $ref: '#/components/schemas/ImageLayerAggregationResponse'
- description: An object that contains details about an aggregation response based on container image layers.
lambdaFunctionAggregation:
allOf:
- $ref: '#/components/schemas/LambdaFunctionAggregationResponse'
- description: An aggregation of findings by AWS Lambda function.
lambdaLayerAggregation:
allOf:
- $ref: '#/components/schemas/LambdaLayerAggregationResponse'
- description: An aggregation of findings by AWS Lambda layer.
packageAggregation:
allOf:
- $ref: '#/components/schemas/PackageAggregationResponse'
- description: An object that contains details about an aggregation response based on operating system package type.
repositoryAggregation:
allOf:
- $ref: '#/components/schemas/RepositoryAggregationResponse'
- description: An object that contains details about an aggregation response based on Amazon ECR repositories.
titleAggregation:
allOf:
- $ref: '#/components/schemas/TitleAggregationResponse'
- description: An object that contains details about an aggregation response based on finding title.
description: A structure that contains details about the results of an aggregation type.
AggregationResponseList:
type: array
items:
$ref: '#/components/schemas/AggregationResponse'
AggregationType:
type: string
enum:
- FINDING_TYPE
- PACKAGE
- TITLE
- REPOSITORY
- AMI
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER
- IMAGE_LAYER
- ACCOUNT
- AWS_LAMBDA_FUNCTION
- LAMBDA_LAYER
AmiSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
- AFFECTED_INSTANCES
Long:
type: integer
AmiId:
type: string
pattern: '^ami-([a-z0-9]{8}|[a-z0-9]{17}|\*)$'
Architecture:
type: string
enum:
- X86_64
- ARM64
ArchitectureList:
type: array
items:
$ref: '#/components/schemas/Architecture'
minItems: 1
maxItems: 1
Arn:
type: string
minLength: 1
maxLength: 1011
AssociateMemberRequest:
type: object
required:
- accountId
title: AssociateMemberRequest
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the member account to be associated.
FirstSeen:
type: string
format: date-time
LastSeen:
type: string
format: date-time
Targets:
type: array
items:
$ref: '#/components/schemas/Target'
minItems: 0
Ttps:
type: array
items:
$ref: '#/components/schemas/Ttp'
minItems: 0
AtigData:
type: object
properties:
firstSeen:
allOf:
- $ref: '#/components/schemas/FirstSeen'
- description: The date and time this vulnerability was first observed.
lastSeen:
allOf:
- $ref: '#/components/schemas/LastSeen'
- description: The date and time this vulnerability was last observed.
targets:
allOf:
- $ref: '#/components/schemas/Targets'
- description: The commercial sectors this vulnerability targets.
ttps:
allOf:
- $ref: '#/components/schemas/Ttps'
- description: 'The MITRE ATT&CK tactics, techniques, and procedures (TTPs) associated with vulnerability.'
description: The Amazon Web Services Threat Intel Group (ATIG) details for a specific vulnerability.
AutoEnable:
type: object
required:
- ec2
- ecr
properties:
ec2:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
ecr:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
lambda:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: 'Represents whether AWS Lambda standard scans are automatically enabled for new members of your Amazon Inspector organization. '
lambdaCode:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Represents whether AWS Lambda code scans are automatically enabled for new members of your Amazon Inspector organization. </p>
description: Represents which scan types are automatically enabled for new members of your Amazon Inspector organization.
NonEmptyString:
type: string
minLength: 1
IpV4AddressList:
type: array
items:
$ref: '#/components/schemas/IpV4Address'
IpV6AddressList:
type: array
items:
$ref: '#/components/schemas/IpV6Address'
DateTimeTimestamp:
type: string
format: date-time
Platform:
type: string
minLength: 1
maxLength: 1024
AwsEc2InstanceDetails:
type: object
properties:
iamInstanceProfileArn:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The IAM instance profile ARN of the Amazon EC2 instance.
imageId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The image ID of the Amazon EC2 instance.
ipV4Addresses:
allOf:
- $ref: '#/components/schemas/IpV4AddressList'
- description: The IPv4 addresses of the Amazon EC2 instance.
ipV6Addresses:
allOf:
- $ref: '#/components/schemas/IpV6AddressList'
- description: The IPv6 addresses of the Amazon EC2 instance.
keyName:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The name of the key pair used to launch the Amazon EC2 instance.
launchedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time the Amazon EC2 instance was launched at.
platform:
allOf:
- $ref: '#/components/schemas/Platform'
- description: The platform of the Amazon EC2 instance.
subnetId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The subnet ID of the Amazon EC2 instance.
type:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The type of the Amazon EC2 instance.
vpcId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The VPC ID of the Amazon EC2 instance.
description: Details of the Amazon EC2 instance involved in a finding.
AwsEcrContainerSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
StringList:
type: array
items:
$ref: '#/components/schemas/NonEmptyString'
ImageHash:
type: string
pattern: '^sha256:[a-z0-9]{64}$'
minLength: 71
maxLength: 71
ImageTagList:
type: array
items:
$ref: '#/components/schemas/NonEmptyString'
AwsEcrContainerImageDetails:
type: object
required:
- imageHash
- registry
- repositoryName
properties:
architecture:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The architecture of the Amazon ECR container image.
author:
allOf:
- $ref: '#/components/schemas/String'
- description: The image author of the Amazon ECR container image.
imageHash:
allOf:
- $ref: '#/components/schemas/ImageHash'
- description: The image hash of the Amazon ECR container image.
imageTags:
allOf:
- $ref: '#/components/schemas/ImageTagList'
- description: The image tags attached to the Amazon ECR container image.
platform:
allOf:
- $ref: '#/components/schemas/Platform'
- description: The platform of the Amazon ECR container image.
pushedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time the Amazon ECR container image was pushed.
registry:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The registry for the Amazon ECR container image.
repositoryName:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The name of the repository the Amazon ECR container image resides in.
description: The image details of the Amazon ECR container image.
ExecutionRoleArn:
type: string
pattern: '^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$'
FunctionName:
type: string
pattern: '^[a-zA-Z0-9-_\.]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$'
Timestamp:
type: string
format: date-time
LayerList:
type: array
items:
$ref: '#/components/schemas/LambdaLayerArn'
minItems: 1
maxItems: 5
PackageType:
type: string
enum:
- IMAGE
- ZIP
Runtime:
type: string
enum:
- NODEJS
- NODEJS_12_X
- NODEJS_14_X
- NODEJS_16_X
- JAVA_8
- JAVA_8_AL2
- JAVA_11
- PYTHON_3_7
- PYTHON_3_8
- PYTHON_3_9
- UNSUPPORTED
- NODEJS_18_X
- GO_1_X
- JAVA_17
- PYTHON_3_10
Version:
type: string
pattern: '^\$LATEST|[0-9]+$'
LambdaVpcConfig:
type: object
properties:
securityGroupIds:
allOf:
- $ref: '#/components/schemas/SecurityGroupIdList'
- description: 'The VPC security groups and subnets that are attached to an AWS Lambda function. For more information, see VPC
Settings.'
subnetIds:
allOf:
- $ref: '#/components/schemas/SubnetIdList'
- description: A list of VPC subnet IDs.
vpcId:
allOf:
- $ref: '#/components/schemas/VpcId'
- description: The ID of the VPC.
description: 'The VPC security groups and subnets that are attached to an AWS Lambda function. For more information, see VPC
Settings.'
AwsLambdaFunctionDetails:
type: object
required:
- codeSha256
- executionRoleArn
- functionName
- runtime
- version
properties:
architectures:
allOf:
- $ref: '#/components/schemas/ArchitectureList'
- description: The instruction set architecture that the AWS Lambda function supports. Architecture is a string array with one of the valid values. The default architecture value is
x86_64.
codeSha256:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The SHA256 hash of the AWS Lambda function's deployment package.
executionRoleArn:
allOf:
- $ref: '#/components/schemas/ExecutionRoleArn'
- description: The AWS Lambda function's execution role.
functionName:
allOf:
- $ref: '#/components/schemas/FunctionName'
- description: The name of the AWS Lambda function.
lastModifiedAt:
allOf:
- $ref: '#/components/schemas/Timestamp'
- description: 'The date and time that a user last updated the configuration, in ISO 8601 format '
layers:
allOf:
- $ref: '#/components/schemas/LayerList'
- description: 'The AWS Lambda function''s layers. A Lambda function can have up to five layers.'
packageType:
allOf:
- $ref: '#/components/schemas/PackageType'
- description: The type of deployment package. Set to Image for container image and set Zip for .zip file archive.
runtime:
allOf:
- $ref: '#/components/schemas/Runtime'
- description: The runtime environment for the AWS Lambda function.
version:
allOf:
- $ref: '#/components/schemas/Version'
- description: The version of the AWS Lambda function.
vpcConfig:
allOf:
- $ref: '#/components/schemas/LambdaVpcConfig'
- description: The AWS Lambda function's networking configuration.
description: ' A summary of information about the AWS Lambda function.'
BatchGetAccountStatusRequest:
type: object
title: BatchGetAccountStatusRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/AccountIdSet'
- description: The 12-digit Amazon Web Services account IDs of the accounts to retrieve Amazon Inspector status for.
FailedAccountList:
type: array
items:
$ref: '#/components/schemas/FailedAccount'
minItems: 0
maxItems: 100
BatchGetCodeSnippetRequestFindingArnsList:
type: array
items:
$ref: '#/components/schemas/FindingArn'
minItems: 1
maxItems: 10
BatchGetCodeSnippetRequest:
type: object
required:
- findingArns
title: BatchGetCodeSnippetRequest
properties:
findingArns:
allOf:
- $ref: '#/components/schemas/BatchGetCodeSnippetRequestFindingArnsList'
- description: An array of finding ARNs for the findings you want to retrieve code snippets from.
CodeSnippetResultList:
type: array
items:
$ref: '#/components/schemas/CodeSnippetResult'
CodeSnippetErrorList:
type: array
items:
$ref: '#/components/schemas/CodeSnippetError'
FindingArnList:
type: array
items:
$ref: '#/components/schemas/FindingArn'
minItems: 1
maxItems: 10
BatchGetFindingDetailsRequest:
type: object
required:
- findingArns
title: BatchGetFindingDetailsRequest
properties:
findingArns:
allOf:
- $ref: '#/components/schemas/FindingArnList'
- description: A list of finding ARNs.
FindingDetailsErrorList:
type: array
items:
$ref: '#/components/schemas/FindingDetailsError'
FindingDetails:
type: array
items:
$ref: '#/components/schemas/FindingDetail'
minItems: 0
BatchGetFreeTrialInfoRequestAccountIdsList:
type: array
items:
$ref: '#/components/schemas/MeteringAccountId'
minItems: 1
maxItems: 100
BatchGetFreeTrialInfoRequest:
type: object
required:
- accountIds
title: BatchGetFreeTrialInfoRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/BatchGetFreeTrialInfoRequestAccountIdsList'
- description: The account IDs to get free trial status for.
FreeTrialAccountInfoList:
type: array
items:
$ref: '#/components/schemas/FreeTrialAccountInfo'
FreeTrialInfoErrorList:
type: array
items:
$ref: '#/components/schemas/FreeTrialInfoError'
BatchGetMemberEc2DeepInspectionStatusRequest:
type: object
title: BatchGetMemberEc2DeepInspectionStatusRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/AccountIdSet'
- description: The unique identifiers for the Amazon Web Services accounts to retrieve Amazon Inspector deep inspection activation status for. </p>
MemberAccountEc2DeepInspectionStatusStateList:
type: array
items:
$ref: '#/components/schemas/MemberAccountEc2DeepInspectionStatusState'
minItems: 0
maxItems: 100
FailedMemberAccountEc2DeepInspectionStatusStateList:
type: array
items:
$ref: '#/components/schemas/FailedMemberAccountEc2DeepInspectionStatusState'
minItems: 0
maxItems: 100
MemberAccountEc2DeepInspectionStatusList:
type: array
items:
$ref: '#/components/schemas/MemberAccountEc2DeepInspectionStatus'
minItems: 0
maxItems: 100
BatchUpdateMemberEc2DeepInspectionStatusRequest:
type: object
required:
- accountIds
title: BatchUpdateMemberEc2DeepInspectionStatusRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/MemberAccountEc2DeepInspectionStatusList'
- description: The unique identifiers for the Amazon Web Services accounts to change Amazon Inspector deep inspection status for.
ReportId:
type: string
pattern: '\b[a-f0-9]{8}\b-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-\b[a-f0-9]{12}\b'
CancelFindingsReportRequest:
type: object
required:
- reportId
title: CancelFindingsReportRequest
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The ID of the report to be canceled.
CancelSbomExportRequest:
type: object
required:
- reportId
title: CancelSbomExportRequest
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The report ID of the SBOM export to cancel.
CisaAction:
type: string
minLength: 0
CisaDateAdded:
type: string
format: date-time
CisaDateDue:
type: string
format: date-time
CisaData:
type: object
properties:
action:
allOf:
- $ref: '#/components/schemas/CisaAction'
- description: The remediation action recommended by CISA for this vulnerability.
dateAdded:
allOf:
- $ref: '#/components/schemas/CisaDateAdded'
- description: The date and time CISA added this vulnerability to their catalogue.
dateDue:
allOf:
- $ref: '#/components/schemas/CisaDateDue'
- description: The date and time CISA expects a fix to have been provided vulnerability.
description: The Cybersecurity and Infrastructure Security Agency (CISA) details for a specific vulnerability.
ClientToken:
type: string
minLength: 1
maxLength: 64
Integer:
type: integer
CodeFilePath:
type: object
required:
- endLine
- fileName
- filePath
- startLine
properties:
endLine:
allOf:
- $ref: '#/components/schemas/Integer'
- description: The line number of the last line of code that a vulnerability was found in.
fileName:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The name of the file the code vulnerability was found in.
filePath:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The file path to the code that a vulnerability was found in.
startLine:
allOf:
- $ref: '#/components/schemas/Integer'
- description: The line number of the first line of code that a vulnerability was found in.
description: Contains information on where a code vulnerability is located in your Lambda function.
CodeLineContentString:
type: string
minLength: 0
maxLength: 240
CodeLine:
type: object
required:
- content
- lineNumber
properties:
content:
allOf:
- $ref: '#/components/schemas/CodeLineContentString'
- description: The content of a line of code
lineNumber:
allOf:
- $ref: '#/components/schemas/Integer'
- description: The line number that a section of code is located at.
description: Contains information on the lines of code associated with a code snippet.
CodeLineList:
type: array
items:
$ref: '#/components/schemas/CodeLine'
minItems: 1
maxItems: 20
CodeSnippetErrorCode:
type: string
enum:
- INTERNAL_ERROR
- ACCESS_DENIED
- CODE_SNIPPET_NOT_FOUND
- INVALID_INPUT
CodeSnippetError:
type: object
required:
- errorCode
- errorMessage
- findingArn
properties:
errorCode:
allOf:
- $ref: '#/components/schemas/CodeSnippetErrorCode'
- description: The error code for the error that prevented a code snippet from being retrieved.
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The error message received when Amazon Inspector failed to retrieve a code snippet.
findingArn:
allOf:
- $ref: '#/components/schemas/FindingArn'
- description: The ARN of the finding that a code snippet couldn't be retrieved for.
description: Contains information about any errors encountered while trying to retrieve a code snippet.
SuggestedFixes:
type: array
items:
$ref: '#/components/schemas/SuggestedFix'
minItems: 1
maxItems: 5
CodeSnippetResult:
type: object
properties:
codeSnippet:
allOf:
- $ref: '#/components/schemas/CodeLineList'
- description: Contains information on the retrieved code snippet.
endLine:
allOf:
- $ref: '#/components/schemas/Integer'
- description: The line number of the last line of a code snippet.
findingArn:
allOf:
- $ref: '#/components/schemas/FindingArn'
- description: The ARN of a finding that the code snippet is associated with.
startLine:
allOf:
- $ref: '#/components/schemas/Integer'
- description: The line number of the first line of a code snippet.
suggestedFixes:
allOf:
- $ref: '#/components/schemas/SuggestedFixes'
- description: Details of a suggested code fix.
description: Contains information on a code snippet retrieved by Amazon Inspector from a code vulnerability finding.
CweList:
type: array
items:
$ref: '#/components/schemas/NonEmptyString'
minItems: 1
maxItems: 10
DetectorTagList:
type: array
items:
$ref: '#/components/schemas/NonEmptyString'
minItems: 1
maxItems: 10
ReferenceUrls:
type: array
items:
$ref: '#/components/schemas/NonEmptyString'
minItems: 1
maxItems: 10
LambdaLayerArn:
type: string
pattern: '^arn:[a-zA-Z0-9-]+:lambda:[a-zA-Z0-9-]+:\d{12}:layer:[a-zA-Z0-9-_]+:[0-9]+$'
CodeVulnerabilityDetails:
type: object
required:
- cwes
- detectorId
- detectorName
- filePath
properties:
cwes:
allOf:
- $ref: '#/components/schemas/CweList'
- description: The Common Weakness Enumeration (CWE) item associated with the detected vulnerability.
detectorId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: 'The ID for the Amazon CodeGuru detector associated with the finding. For more information on detectors see Amazon
CodeGuru Detector Library.'
detectorName:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: 'The name of the detector used to identify the code vulnerability. For more information on detectors see CodeGuru
Detector Library.'
detectorTags:
allOf:
- $ref: '#/components/schemas/DetectorTagList'
- description: 'The detector tag associated with the vulnerability. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language,
see Java tags, or Python tags. '
filePath:
allOf:
- $ref: '#/components/schemas/CodeFilePath'
- description: Contains information on where the code vulnerability is located in your code.
referenceUrls:
allOf:
- $ref: '#/components/schemas/ReferenceUrls'
- description: A URL containing supporting documentation about the code vulnerability detected.
ruleId:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The identifier for a rule that was used to detect the code vulnerability.
sourceLambdaLayerArn:
allOf:
- $ref: '#/components/schemas/LambdaLayerArn'
- description: The Amazon Resource Name (ARN) of the Lambda layer that the code vulnerability was detected in.
description: Contains information on the code vulnerability identified in your Lambda function.
Component:
type: string
ComponentType:
type: string
GroupKey:
type: string
enum:
- SCAN_STATUS_CODE
- SCAN_STATUS_REASON
- ACCOUNT_ID
- RESOURCE_TYPE
- ECR_REPOSITORY_NAME
Counts:
type: object
properties:
count:
allOf:
- $ref: '#/components/schemas/AggCounts'
- description: The number of resources.
groupKey:
allOf:
- $ref: '#/components/schemas/GroupKey'
- description: The key associated with this group
description: a structure that contains information on the count of resources within a group.
CountsList:
type: array
items:
$ref: '#/components/schemas/Counts'
minItems: 1
maxItems: 5
CoverageDateFilter:
type: object
properties:
endInclusive:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: A timestamp representing the end of the time period to filter results by.
startInclusive:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: A timestamp representing the start of the time period to filter results by.
description: Contains details of a coverage date filter.
CoverageFilterCriteria:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Web Services account IDs to return coverage statistics for.
ec2InstanceTags:
allOf:
- $ref: '#/components/schemas/CoverageMapFilterList'
- description: The Amazon EC2 instance tags to filter on.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The Amazon ECR image tags to filter on.
ecrRepositoryName:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The Amazon ECR repository name to filter on.
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by function names.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by runtime.
lambdaFunctionTags:
allOf:
- $ref: '#/components/schemas/CoverageMapFilterList'
- description: Returns coverage statistics for AWS Lambda functions filtered by tag.
lastScannedAt:
allOf:
- $ref: '#/components/schemas/CoverageDateFilterList'
- description: Filters Amazon Web Services resources based on whether Amazon Inspector has checked them for vulnerabilities within the specified time range.
resourceId:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Web Services resource IDs to return coverage statistics for.
resourceType:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: 'An array of Amazon Web Services resource types to return coverage statistics for. The values can be AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION or AWS_ECR_REPOSITORY.'
scanStatusCode:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The scan status code to filter on.
scanStatusReason:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: The scan status reason to filter on.
scanType:
allOf:
- $ref: '#/components/schemas/CoverageStringFilterList'
- description: An array of Amazon Inspector scan types to return coverage statistics for.
description: A structure that identifies filter criteria for GetCoverageStatistics.
CoverageMapComparison:
type: string
enum:
- EQUALS
CoverageMapFilter:
type: object
required:
- comparison
- key
properties:
comparison:
allOf:
- $ref: '#/components/schemas/CoverageMapComparison'
- description: The operator to compare coverage on.
key:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The tag key associated with the coverage map filter.
value:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The tag value associated with the coverage map filter.
description: Contains details of a coverage map filter.
CoverageResourceType:
type: string
enum:
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER_IMAGE
- AWS_ECR_REPOSITORY
- AWS_LAMBDA_FUNCTION
CoverageStringComparison:
type: string
enum:
- EQUALS
- NOT_EQUALS
CoverageStringInput:
type: string
minLength: 1
maxLength: 1024
CoverageStringFilter:
type: object
required:
- comparison
- value
properties:
comparison:
allOf:
- $ref: '#/components/schemas/CoverageStringComparison'
- description: The operator to compare strings on.
value:
allOf:
- $ref: '#/components/schemas/CoverageStringInput'
- description: The value to compare strings on.
description: Contains details of a coverage string filter.
ResourceId:
type: string
pattern: '(^arn:.*:ecr:.*:\d{12}:repository\/(?:[a-z0-9]+(?:[._-][a-z0-9]+)*\/)*[a-z0-9]+(?:[._-][a-z0-9]+)*(\/sha256:[a-z0-9]{64})?$)|(^i-([a-z0-9]{8}|[a-z0-9]{17}|\\*)$|(^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_\.]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$))'
minLength: 10
maxLength: 341
ResourceScanMetadata:
type: object
properties:
ec2:
allOf:
- $ref: '#/components/schemas/Ec2Metadata'
- description: An object that contains metadata details for an Amazon EC2 instance.
ecrImage:
allOf:
- $ref: '#/components/schemas/EcrContainerImageMetadata'
- description: An object that contains details about the container metadata for an Amazon ECR image.
ecrRepository:
allOf:
- $ref: '#/components/schemas/EcrRepositoryMetadata'
- description: An object that contains details about the repository an Amazon ECR image resides in.
lambdaFunction:
allOf:
- $ref: '#/components/schemas/LambdaFunctionMetadata'
- description: An object that contains metadata details for an AWS Lambda function.
description: An object that contains details about the metadata for an Amazon ECR resource.
ScanStatus:
type: object
required:
- reason
- statusCode
properties:
reason:
allOf:
- $ref: '#/components/schemas/ScanStatusReason'
- description: The reason for the scan.
statusCode:
allOf:
- $ref: '#/components/schemas/ScanStatusCode'
- description: The status code of the scan.
description: The status of the scan.
ScanType:
type: string
enum:
- NETWORK
- PACKAGE
- CODE
CoveredResource:
type: object
required:
- accountId
- resourceId
- resourceType
- scanType
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the covered resource.
lastScannedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time the resource was last checked for vulnerabilities.
resourceId:
allOf:
- $ref: '#/components/schemas/ResourceId'
- description: The ID of the covered resource.
resourceMetadata:
allOf:
- $ref: '#/components/schemas/ResourceScanMetadata'
- description: An object that contains details about the metadata.
resourceType:
allOf:
- $ref: '#/components/schemas/CoverageResourceType'
- description: The type of the covered resource.
scanStatus:
allOf:
- $ref: '#/components/schemas/ScanStatus'
- description: The status of the scan covering the resource.
scanType:
allOf:
- $ref: '#/components/schemas/ScanType'
- description: The Amazon Inspector scan type covering the resource.
description: An object that contains details about a resource covered by Amazon Inspector.
CoveredResources:
type: array
items:
$ref: '#/components/schemas/CoveredResource'
FilterAction:
type: string
enum:
- NONE
- SUPPRESS
FilterDescription:
type: string
minLength: 1
maxLength: 512
FilterCriteria:
type: object
properties:
awsAccountId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon Web Services account IDs used to filter findings.
codeVulnerabilityDetectorName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.
codeVulnerabilityDetectorTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available
tags by programming language, see Java tags, or Python
tags. '
codeVulnerabilityFilePath:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.
componentId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component IDs used to filter findings.
componentType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the component types used to filter findings.
ec2InstanceImageId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance image IDs used to filter findings.
ec2InstanceSubnetId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance subnet IDs used to filter findings.
ec2InstanceVpcId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon EC2 instance VPC IDs used to filter findings.
ecrImageArchitecture:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image architecture types used to filter findings.
ecrImageHash:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details of the Amazon ECR image hashes used to filter findings.
ecrImagePushedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the Amazon ECR image push date and time used to filter findings.
ecrImageRegistry:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the Amazon ECR registry used to filter findings.
ecrImageRepositoryName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the name of the Amazon ECR repository used to filter findings.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The tags attached to the Amazon ECR container image.
epssScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The EPSS score used to filter findings.
exploitAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda findings by the availability of exploits.
findingArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding ARNs used to filter findings.
findingStatus:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding status types used to filter findings.
findingType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding types used to filter findings.
firstObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was first seen used to filter findings.
fixAvailable:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that
some, but not all, of the packages identified in the finding have fixes available through updated versions.'
inspectorScore:
allOf:
- $ref: '#/components/schemas/NumberFilterList'
- description: The Amazon Inspector score to filter on.
lambdaFunctionExecutionRoleArn:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by execution role.
lambdaFunctionLastModifiedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: 'Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO
8601 format '
lambdaFunctionLayers:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: 'Filters the list of AWS Lambda functions by the function''s layers. A Lambda function can
have up to five layers.'
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the name of the function.
lambdaFunctionRuntime:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
lastObservedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last seen used to filter findings.
networkProtocol:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on network protocol used to filter findings.
portRange:
allOf:
- $ref: '#/components/schemas/PortRangeFilterList'
- description: Details on the port ranges used to filter findings.
relatedVulnerabilities:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the related vulnerabilities used to filter findings.
resourceId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource IDs used to filter findings.
resourceTags:
allOf:
- $ref: '#/components/schemas/MapFilterList'
- description: Details on the resource tags used to filter findings.
resourceType:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the resource types used to filter findings.
severity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the severity used to filter findings.
title:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the finding title used to filter findings.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateFilterList'
- description: Details on the date and time a finding was last updated at used to filter findings.
vendorSeverity:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vendor severity used to filter findings.
vulnerabilityId:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability ID used to filter findings.
vulnerabilitySource:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: Details on the vulnerability type used to filter findings.
vulnerablePackages:
allOf:
- $ref: '#/components/schemas/PackageFilterList'
- description: Details on the vulnerable packages used to filter findings.
description: Details on the criteria used to define the filter.
FilterName:
type: string
minLength: 1
maxLength: 128
FilterReason:
type: string
minLength: 1
maxLength: 512
TagMap:
type: object
additionalProperties:
$ref: '#/components/schemas/MapValue'
CreateFilterRequest:
type: object
required:
- action
- filterCriteria
- name
title: CreateFilterRequest
properties:
action:
allOf:
- $ref: '#/components/schemas/FilterAction'
- description: Defines the action that is to be applied to the findings that match the filter.
description:
allOf:
- $ref: '#/components/schemas/FilterDescription'
- description: A description of the filter.
filterCriteria:
allOf:
- $ref: '#/components/schemas/FilterCriteria'
- description: Defines the criteria to be used in the filter for querying findings.
name:
allOf:
- $ref: '#/components/schemas/FilterName'
- description: 'The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.'
reason:
allOf:
- $ref: '#/components/schemas/FilterReason'
- description: The reason for creating the filter.
tags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: A list of tags for the filter.
ReportFormat:
type: string
enum:
- CSV
- JSON
Destination:
type: object
required:
- bucketName
- kmsKeyArn
properties:
bucketName:
allOf:
- $ref: '#/components/schemas/String'
- description: The name of the Amazon S3 bucket to export findings to.
keyPrefix:
allOf:
- $ref: '#/components/schemas/String'
- description: The prefix that the findings will be written under.
kmsKeyArn:
allOf:
- $ref: '#/components/schemas/String'
- description: The ARN of the KMS key used to encrypt data when exporting findings.
description: Contains details of the Amazon S3 bucket and KMS key used to export findings.
CreateFindingsReportRequest:
type: object
required:
- reportFormat
- s3Destination
title: CreateFindingsReportRequest
properties:
filterCriteria:
allOf:
- $ref: '#/components/schemas/FilterCriteria'
- description: The filter criteria to apply to the results of the finding report.
reportFormat:
allOf:
- $ref: '#/components/schemas/ReportFormat'
- description: The format to generate the report in.
s3Destination:
allOf:
- $ref: '#/components/schemas/Destination'
- description: The Amazon S3 export destination for the report.
SbomReportFormat:
type: string
enum:
- CYCLONEDX_1_4
- SPDX_2_3
ResourceFilterCriteria:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The account IDs used as resource filter criteria.
ec2InstanceTags:
allOf:
- $ref: '#/components/schemas/ResourceMapFilterList'
- description: The EC2 instance tags used as resource filter criteria.
ecrImageTags:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The ECR image tags used as resource filter criteria.
ecrRepositoryName:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The ECR repository names used as resource filter criteria.
lambdaFunctionName:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The AWS Lambda function name used as resource filter criteria.
lambdaFunctionTags:
allOf:
- $ref: '#/components/schemas/ResourceMapFilterList'
- description: The AWS Lambda function tags used as resource filter criteria.
resourceId:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The resource IDs used as resource filter criteria.
resourceType:
allOf:
- $ref: '#/components/schemas/ResourceStringFilterList'
- description: The resource types used as resource filter criteria.
description: The resource filter criteria for a Software bill of materials (SBOM) report.
CreateSbomExportRequest:
type: object
required:
- reportFormat
- s3Destination
title: CreateSbomExportRequest
properties:
reportFormat:
allOf:
- $ref: '#/components/schemas/SbomReportFormat'
- description: The output format for the software bill of materials (SBOM) report.
resourceFilterCriteria:
allOf:
- $ref: '#/components/schemas/ResourceFilterCriteria'
- description: The resource filter criteria for the software bill of materials (SBOM) report.
s3Destination:
$ref: '#/components/schemas/Destination'
Currency:
type: string
enum:
- USD
Cvss2BaseScore:
type: number
format: double
Cvss2ScoringVector:
type: string
minLength: 0
Cvss2:
type: object
properties:
baseScore:
allOf:
- $ref: '#/components/schemas/Cvss2BaseScore'
- description: The CVSS v2 base score for the vulnerability.
scoringVector:
allOf:
- $ref: '#/components/schemas/Cvss2ScoringVector'
- description: The scoring vector associated with the CVSS v2 score.
description: The Common Vulnerability Scoring System (CVSS) version 2 details for the vulnerability.
Cvss3BaseScore:
type: number
format: double
Cvss3ScoringVector:
type: string
minLength: 0
Cvss3:
type: object
properties:
baseScore:
allOf:
- $ref: '#/components/schemas/Cvss3BaseScore'
- description: The CVSS v3 base score for the vulnerability.
scoringVector:
allOf:
- $ref: '#/components/schemas/Cvss3ScoringVector'
- description: The scoring vector associated with the CVSS v3 score.
description: The Common Vulnerability Scoring System (CVSS) version 3 details for the vulnerability.
Double:
type: number
format: double
CvssScore:
type: object
required:
- baseScore
- scoringVector
- source
- version
properties:
baseScore:
allOf:
- $ref: '#/components/schemas/Double'
- description: The base CVSS score used for the finding.
scoringVector:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The vector string of the CVSS score.
source:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The source of the CVSS score.
version:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The version of CVSS used for the score.
description: The CVSS score for a finding.
CvssScoreAdjustment:
type: object
required:
- metric
- reason
properties:
metric:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The metric used to adjust the CVSS score.
reason:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The reason the CVSS score has been adjustment.
description: Details on adjustments Amazon Inspector made to the CVSS score for a finding.
CvssScoreAdjustmentList:
type: array
items:
$ref: '#/components/schemas/CvssScoreAdjustment'
CvssScoreDetails:
type: object
required:
- score
- scoreSource
- scoringVector
- version
properties:
adjustments:
allOf:
- $ref: '#/components/schemas/CvssScoreAdjustmentList'
- description: An object that contains details about adjustment Amazon Inspector made to the CVSS score.
cvssSource:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The source of the CVSS data.
score:
allOf:
- $ref: '#/components/schemas/Double'
- description: The CVSS score.
scoreSource:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The source for the CVSS score.
scoringVector:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The vector for the CVSS score.
version:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The CVSS version used in scoring.
description: Information about the CVSS score.
CvssScoreList:
type: array
items:
$ref: '#/components/schemas/CvssScore'
Cwe:
type: string
minLength: 0
Cwes:
type: array
items:
$ref: '#/components/schemas/Cwe'
minItems: 0
DateFilter:
type: object
properties:
endInclusive:
allOf:
- $ref: '#/components/schemas/Timestamp'
- description: A timestamp representing the end of the time period filtered on.
startInclusive:
allOf:
- $ref: '#/components/schemas/Timestamp'
- description: A timestamp representing the start of the time period filtered on.
description: Contains details on the time range used to filter findings.
RelationshipStatus:
type: string
enum:
- CREATED
- INVITED
- DISABLED
- ENABLED
- REMOVED
- RESIGNED
- DELETED
- EMAIL_VERIFICATION_IN_PROGRESS
- EMAIL_VERIFICATION_FAILED
- REGION_DISABLED
- ACCOUNT_SUSPENDED
- CANNOT_CREATE_DETECTOR_IN_ORG_MASTER
DelegatedAdmin:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the Amazon Inspector delegated administrator for your organization.
relationshipStatus:
allOf:
- $ref: '#/components/schemas/RelationshipStatus'
- description: The status of the Amazon Inspector delegated administrator.
description: Details of the Amazon Inspector delegated administrator for your organization.
DelegatedAdminStatus:
type: string
enum:
- ENABLED
- DISABLE_IN_PROGRESS
DelegatedAdminAccount:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the Amazon Inspector delegated administrator for your organization.
status:
allOf:
- $ref: '#/components/schemas/DelegatedAdminStatus'
- description: The status of the Amazon Inspector delegated administrator.
description: Details of the Amazon Inspector delegated administrator for your organization.
DelegatedAdminAccountList:
type: array
items:
$ref: '#/components/schemas/DelegatedAdminAccount'
minItems: 0
maxItems: 5
DeleteFilterRequest:
type: object
required:
- arn
title: DeleteFilterRequest
properties:
arn:
allOf:
- $ref: '#/components/schemas/FilterArn'
- description: The Amazon Resource Number (ARN) of the filter to be deleted.
DescribeOrganizationConfigurationRequest:
type: object
title: DescribeOrganizationConfigurationRequest
properties: {}
DetectionPlatforms:
type: array
items:
$ref: '#/components/schemas/NonEmptyString'
minItems: 0
maxItems: 100
DisableDelegatedAdminAccountRequest:
type: object
required:
- delegatedAdminAccountId
title: DisableDelegatedAdminAccountRequest
properties:
delegatedAdminAccountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the current Amazon Inspector delegated administrator.
DisableResourceTypeList:
type: array
items:
$ref: '#/components/schemas/ResourceScanType'
minItems: 0
maxItems: 3
DisableRequest:
type: object
title: DisableRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/AccountIdSet'
- description: An array of account IDs you want to disable Amazon Inspector scans for.
resourceTypes:
allOf:
- $ref: '#/components/schemas/DisableResourceTypeList'
- description: The resource scan types you want to disable.
DisassociateMemberRequest:
type: object
required:
- accountId
title: DisassociateMemberRequest
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the member account to disassociate.
Ec2DeepInspectionStatus:
type: string
enum:
- ACTIVATED
- DEACTIVATED
- PENDING
- FAILED
Ec2InstanceSortBy:
type: string
enum:
- NETWORK_FINDINGS
- CRITICAL
- HIGH
- ALL
Ec2Platform:
type: string
enum:
- WINDOWS
- LINUX
- UNKNOWN
Ec2Metadata:
type: object
properties:
amiId:
allOf:
- $ref: '#/components/schemas/AmiId'
- description: The ID of the Amazon Machine Image (AMI) used to launch the instance.
platform:
allOf:
- $ref: '#/components/schemas/Ec2Platform'
- description: The platform of the instance.
tags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The tags attached to the instance.
description: Meta data details of an Amazon EC2 instance.
EcrConfiguration:
type: object
required:
- rescanDuration
properties:
rescanDuration:
allOf:
- $ref: '#/components/schemas/EcrRescanDuration'
- description: The ECR automated re-scan duration defines how long an ECR image will be actively scanned by Amazon Inspector. When the number of days since an image was last pushed exceeds
the automated re-scan duration the monitoring state of that image becomes inactive and all associated findings are scheduled for closure.
description: Details about the ECR automated re-scan duration setting for your environment.
EcrRescanDurationState:
type: object
properties:
rescanDuration:
allOf:
- $ref: '#/components/schemas/EcrRescanDuration'
- description: The ECR automated re-scan duration defines how long an ECR image will be actively scanned by Amazon Inspector. When the number of days since an image was last pushed exceeds
the automated re-scan duration the monitoring state of that image becomes inactive and all associated findings are scheduled for closure.
status:
allOf:
- $ref: '#/components/schemas/EcrRescanDurationStatus'
- description: The status of changes to the ECR automated re-scan duration.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: A timestamp representing when the last time the ECR scan duration setting was changed.
description: Details about the state of any changes to the ECR automated re-scan duration setting.
EcrConfigurationState:
type: object
properties:
rescanDurationState:
allOf:
- $ref: '#/components/schemas/EcrRescanDurationState'
- description: An object that contains details about the state of the ECR automated re-scan setting.
description: Details about the state of the ECR scans for your environment.
TagList:
type: array
items:
$ref: '#/components/schemas/String'
EcrContainerImageMetadata:
type: object
properties:
tags:
allOf:
- $ref: '#/components/schemas/TagList'
- description: Tags associated with the Amazon ECR image metadata.
description: Information on the Amazon ECR image metadata associated with a finding.
EcrScanFrequency:
type: string
enum:
- MANUAL
- SCAN_ON_PUSH
- CONTINUOUS_SCAN
EcrRepositoryMetadata:
type: object
properties:
name:
allOf:
- $ref: '#/components/schemas/String'
- description: The name of the Amazon ECR repository.
scanFrequency:
allOf:
- $ref: '#/components/schemas/EcrScanFrequency'
- description: The frequency of scans.
description: Information on the Amazon ECR repository metadata associated with a finding.
EcrRescanDurationStatus:
type: string
enum:
- SUCCESS
- PENDING
- FAILED
EnableDelegatedAdminAccountRequest:
type: object
required:
- delegatedAdminAccountId
title: EnableDelegatedAdminAccountRequest
properties:
clientToken:
allOf:
- $ref: '#/components/schemas/ClientToken'
- description: The idempotency token for the request.
delegatedAdminAccountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the Amazon Inspector delegated administrator.
EnableResourceTypeList:
type: array
items:
$ref: '#/components/schemas/ResourceScanType'
minItems: 1
maxItems: 3
EnableRequest:
type: object
required:
- resourceTypes
title: EnableRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/AccountIdSet'
- description: A list of account IDs you want to enable Amazon Inspector scans for.
clientToken:
allOf:
- $ref: '#/components/schemas/ClientToken'
- description: The idempotency token for the request.
resourceTypes:
allOf:
- $ref: '#/components/schemas/EnableResourceTypeList'
- description: The resource scan types you want to enable.
EpssScore:
type: number
format: double
Epss:
type: object
properties:
score:
allOf:
- $ref: '#/components/schemas/EpssScore'
- description: The Exploit Prediction Scoring System (EPSS) score.
description: Details about the Exploit Prediction Scoring System (EPSS) score.
EpssScoreValue:
type: number
format: double
minimum: 0
maximum: 1
EpssDetails:
type: object
properties:
score:
allOf:
- $ref: '#/components/schemas/EpssScoreValue'
- description: The EPSS score.
description: Details about the Exploit Prediction Scoring System (EPSS) score for a finding.
ErrorCode:
type: string
enum:
- ALREADY_ENABLED
- ENABLE_IN_PROGRESS
- DISABLE_IN_PROGRESS
- SUSPEND_IN_PROGRESS
- RESOURCE_NOT_FOUND
- ACCESS_DENIED
- INTERNAL_ERROR
- SSM_UNAVAILABLE
- SSM_THROTTLED
- EVENTBRIDGE_UNAVAILABLE
- EVENTBRIDGE_THROTTLED
- RESOURCE_SCAN_NOT_DISABLED
- DISASSOCIATE_ALL_MEMBERS
- ACCOUNT_IS_ISOLATED
ErrorMessage:
type: string
EvidenceDetail:
type: string
minLength: 0
EvidenceRule:
type: string
minLength: 0
EvidenceSeverity:
type: string
minLength: 0
Evidence:
type: object
properties:
evidenceDetail:
allOf:
- $ref: '#/components/schemas/EvidenceDetail'
- description: The evidence details.
evidenceRule:
allOf:
- $ref: '#/components/schemas/EvidenceRule'
- description: The evidence rule.
severity:
allOf:
- $ref: '#/components/schemas/EvidenceSeverity'
- description: The evidence severity.
description: Details of the evidence for a vulnerability identified in a finding.
EvidenceList:
type: array
items:
$ref: '#/components/schemas/Evidence'
ExploitAvailable:
type: string
enum:
- 'YES'
- 'NO'
ExploitObserved:
type: object
properties:
firstSeen:
allOf:
- $ref: '#/components/schemas/FirstSeen'
- description: The date an time when the exploit was first seen.
lastSeen:
allOf:
- $ref: '#/components/schemas/LastSeen'
- description: The date an time when the exploit was last seen.
description: Contains information on when this exploit was observed.
ExploitabilityDetails:
type: object
properties:
lastKnownExploitAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time of the last exploit associated with a finding discovered in your environment.
description: The details of an exploit available for a finding discovered in your environment.
ExternalReportStatus:
type: string
enum:
- SUCCEEDED
- IN_PROGRESS
- CANCELLED
- FAILED
FailedAccount:
type: object
required:
- accountId
- errorCode
- errorMessage
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID.
errorCode:
allOf:
- $ref: '#/components/schemas/ErrorCode'
- description: The error code explaining why the account failed to enable Amazon Inspector.
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The error message received when the account failed to enable Amazon Inspector.
resourceStatus:
allOf:
- $ref: '#/components/schemas/ResourceStatus'
- description: An object detailing which resources Amazon Inspector is enabled to scan for the account.
status:
allOf:
- $ref: '#/components/schemas/Status'
- description: The status of Amazon Inspector for the account.
description: An object with details on why an account failed to enable Amazon Inspector.
FailedMemberAccountEc2DeepInspectionStatusState:
type: object
required:
- accountId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The unique identifier for the Amazon Web Services account of the organization member that failed to activate Amazon Inspector deep inspection.
ec2ScanStatus:
allOf:
- $ref: '#/components/schemas/Status'
- description: The status of EC2 scanning in the account that failed to activate Amazon Inspector deep inspection.
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The error message explaining why the account failed to activate Amazon Inspector deep inspection.
description: An object that contains details about a member account in your organization that failed to activate Amazon Inspector deep inspection.
FilePath:
type: string
minLength: 1
maxLength: 1024
OwnerId:
type: string
pattern: '(^\d{12}$)|(^o-[a-z0-9]{10,32}$)'
minLength: 12
maxLength: 34
Filter:
type: object
required:
- action
- arn
- createdAt
- criteria
- name
- ownerId
- updatedAt
properties:
action:
allOf:
- $ref: '#/components/schemas/FilterAction'
- description: The action that is to be applied to the findings that match the filter.
arn:
allOf:
- $ref: '#/components/schemas/FilterArn'
- description: The Amazon Resource Number (ARN) associated with this filter.
createdAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time this filter was created at.
criteria:
allOf:
- $ref: '#/components/schemas/FilterCriteria'
- description: Details on the filter criteria associated with this filter.
description:
allOf:
- $ref: '#/components/schemas/FilterDescription'
- description: A description of the filter.
name:
allOf:
- $ref: '#/components/schemas/FilterName'
- description: The name of the filter.
ownerId:
allOf:
- $ref: '#/components/schemas/OwnerId'
- description: The Amazon Web Services account ID of the account that created the filter.
reason:
allOf:
- $ref: '#/components/schemas/FilterReason'
- description: The reason for the filter.
tags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The tags attached to the filter.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time the filter was last updated at.
description: Details about a filter.
FilterArnList:
type: array
items:
$ref: '#/components/schemas/FilterArn'
FilterList:
type: array
items:
$ref: '#/components/schemas/Filter'
FindingDescription:
type: string
minLength: 1
maxLength: 1024
FixAvailable:
type: string
enum:
- 'YES'
- 'NO'
- PARTIAL
InspectorScoreDetails:
type: object
properties:
adjustedCvss:
allOf:
- $ref: '#/components/schemas/CvssScoreDetails'
- description: An object that contains details about the CVSS score given to a finding.
description: Information about the Amazon Inspector score given to a finding.
NetworkReachabilityDetails:
type: object
required:
- networkPath
- openPortRange
- protocol
properties:
networkPath:
allOf:
- $ref: '#/components/schemas/NetworkPath'
- description: An object that contains details about a network path associated with a finding.
openPortRange:
allOf:
- $ref: '#/components/schemas/PortRange'
- description: An object that contains details about the open port range associated with a finding.
protocol:
allOf:
- $ref: '#/components/schemas/NetworkProtocol'
- description: The protocol associated with a finding.
description: Contains the details of a network reachability finding.
PackageVulnerabilityDetails:
type: object
required:
- source
- vulnerabilityId
properties:
cvss:
allOf:
- $ref: '#/components/schemas/CvssScoreList'
- description: An object that contains details about the CVSS score of a finding.
referenceUrls:
allOf:
- $ref: '#/components/schemas/NonEmptyStringList'
- description: One or more URLs that contain details about this vulnerability type.
relatedVulnerabilities:
allOf:
- $ref: '#/components/schemas/VulnerabilityIdList'
- description: One or more vulnerabilities related to the one identified in this finding.
source:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The source of the vulnerability information.
sourceUrl:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: A URL to the source of the vulnerability information.
vendorCreatedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time that this vulnerability was first added to the vendor's database.
vendorSeverity:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The severity the vendor has given to this vulnerability type.
vendorUpdatedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time the vendor last updated this vulnerability in their database.
vulnerabilityId:
allOf:
- $ref: '#/components/schemas/VulnerabilityId'
- description: The ID given to this vulnerability.
vulnerablePackages:
allOf:
- $ref: '#/components/schemas/VulnerablePackageList'
- description: The packages impacted by this vulnerability.
description: Information about a package vulnerability finding.
Remediation:
type: object
properties:
recommendation:
allOf:
- $ref: '#/components/schemas/Recommendation'
- description: An object that contains information about the recommended course of action to remediate the finding.
description: Information on how to remediate a finding.
ResourceList:
type: array
items:
$ref: '#/components/schemas/Resource'
minItems: 1
maxItems: 10
Severity:
type: string
enum:
- INFORMATIONAL
- LOW
- MEDIUM
- HIGH
- CRITICAL
- UNTRIAGED
FindingStatus:
type: string
enum:
- ACTIVE
- SUPPRESSED
- CLOSED
FindingTitle:
type: string
minLength: 1
maxLength: 1024
FindingType:
type: string
enum:
- NETWORK_REACHABILITY
- PACKAGE_VULNERABILITY
- CODE_VULNERABILITY
Finding:
type: object
required:
- awsAccountId
- description
- findingArn
- firstObservedAt
- lastObservedAt
- remediation
- resources
- severity
- status
- type
properties:
awsAccountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID associated with the finding.
codeVulnerabilityDetails:
allOf:
- $ref: '#/components/schemas/CodeVulnerabilityDetails'
- description: Details about the code vulnerability identified in a Lambda function used to filter findings.
description:
allOf:
- $ref: '#/components/schemas/FindingDescription'
- description: The description of the finding.
epss:
allOf:
- $ref: '#/components/schemas/EpssDetails'
- description: The finding's EPSS score.
exploitAvailable:
allOf:
- $ref: '#/components/schemas/ExploitAvailable'
- description: If a finding discovered in your environment has an exploit available.
exploitabilityDetails:
allOf:
- $ref: '#/components/schemas/ExploitabilityDetails'
- description: The details of an exploit available for a finding discovered in your environment.
findingArn:
allOf:
- $ref: '#/components/schemas/FindingArn'
- description: The Amazon Resource Number (ARN) of the finding.
firstObservedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time that the finding was first observed.
fixAvailable:
allOf:
- $ref: '#/components/schemas/FixAvailable'
- description: 'Details on whether a fix is available through a version update. This value can be YES, NO, or PARTIAL. A PARTIAL fix means that
some, but not all, of the packages identified in the finding have fixes available through updated versions.'
inspectorScore:
allOf:
- $ref: '#/components/schemas/Double'
- description: The Amazon Inspector score given to the finding.
inspectorScoreDetails:
allOf:
- $ref: '#/components/schemas/InspectorScoreDetails'
- description: An object that contains details of the Amazon Inspector score.
lastObservedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time that the finding was last observed.
networkReachabilityDetails:
allOf:
- $ref: '#/components/schemas/NetworkReachabilityDetails'
- description: An object that contains the details of a network reachability finding.
packageVulnerabilityDetails:
allOf:
- $ref: '#/components/schemas/PackageVulnerabilityDetails'
- description: An object that contains the details of a package vulnerability finding.
remediation:
allOf:
- $ref: '#/components/schemas/Remediation'
- description: An object that contains the details about how to remediate a finding.
resources:
allOf:
- $ref: '#/components/schemas/ResourceList'
- description: Contains information on the resources involved in a finding.
severity:
allOf:
- $ref: '#/components/schemas/Severity'
- description: The severity of the finding.
status:
allOf:
- $ref: '#/components/schemas/FindingStatus'
- description: The status of the finding.
title:
allOf:
- $ref: '#/components/schemas/FindingTitle'
- description: The title of the finding.
type:
allOf:
- $ref: '#/components/schemas/FindingType'
- description: The type of the finding.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: The date and time the finding was last updated at.
description: Details about an Amazon Inspector finding.
VulnerabilityReferenceUrls:
type: array
items:
$ref: '#/components/schemas/VulnerabilityReferenceUrl'
minItems: 0
maxItems: 100
RiskScore:
type: integer
Tools:
type: array
items:
$ref: '#/components/schemas/Tool'
FindingDetail:
type: object
properties:
cisaData:
$ref: '#/components/schemas/CisaData'
cwes:
allOf:
- $ref: '#/components/schemas/Cwes'
- description: The Common Weakness Enumerations (CWEs) associated with the vulnerability.
epssScore:
allOf:
- $ref: '#/components/schemas/Double'
- description: The Exploit Prediction Scoring System (EPSS) score of the vulnerability.
evidences:
allOf:
- $ref: '#/components/schemas/EvidenceList'
- description: Information on the evidence of the vulnerability.
exploitObserved:
$ref: '#/components/schemas/ExploitObserved'
findingArn:
allOf:
- $ref: '#/components/schemas/FindingArn'
- description: The finding ARN that the vulnerability details are associated with.
referenceUrls:
allOf:
- $ref: '#/components/schemas/VulnerabilityReferenceUrls'
- description: The reference URLs for the vulnerability data.
riskScore:
allOf:
- $ref: '#/components/schemas/RiskScore'
- description: The risk score of the vulnerability.
tools:
allOf:
- $ref: '#/components/schemas/Tools'
- description: The known malware tools or kits that can exploit the vulnerability.
ttps:
allOf:
- $ref: '#/components/schemas/Ttps'
- description: 'The MITRE adversary tactics, techniques, or procedures (TTPs) associated with the vulnerability.'
description: Details of the vulnerability identified in a finding.
FindingDetailsErrorCode:
type: string
enum:
- INTERNAL_ERROR
- ACCESS_DENIED
- FINDING_DETAILS_NOT_FOUND
- INVALID_INPUT
FindingDetailsError:
type: object
required:
- errorCode
- errorMessage
- findingArn
properties:
errorCode:
allOf:
- $ref: '#/components/schemas/FindingDetailsErrorCode'
- description: The error code.
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The error message.
findingArn:
allOf:
- $ref: '#/components/schemas/FindingArn'
- description: The finding ARN that returned an error.
description: Details about an error encountered when trying to return vulnerability data for a finding.
FindingList:
type: array
items:
$ref: '#/components/schemas/Finding'
minItems: 0
maxItems: 25
FindingTypeSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
FreeTrialInfoList:
type: array
items:
$ref: '#/components/schemas/FreeTrialInfo'
FreeTrialAccountInfo:
type: object
required:
- accountId
- freeTrialInfo
properties:
accountId:
allOf:
- $ref: '#/components/schemas/MeteringAccountId'
- description: The account associated with the Amazon Inspector free trial information.
freeTrialInfo:
allOf:
- $ref: '#/components/schemas/FreeTrialInfoList'
- description: Contains information about the Amazon Inspector free trial for an account.
description: Information about the Amazon Inspector free trial for an account.
FreeTrialStatus:
type: string
enum:
- ACTIVE
- INACTIVE
FreeTrialType:
type: string
enum:
- EC2
- ECR
- LAMBDA
- LAMBDA_CODE
FreeTrialInfo:
type: object
required:
- end
- start
- status
- type
properties:
end:
allOf:
- $ref: '#/components/schemas/Timestamp'
- description: The date and time that the Amazon Inspector free trail ends for a given account.
start:
allOf:
- $ref: '#/components/schemas/Timestamp'
- description: The date and time that the Amazon Inspector free trail started for a given account.
status:
allOf:
- $ref: '#/components/schemas/FreeTrialStatus'
- description: The order to sort results by.
type:
allOf:
- $ref: '#/components/schemas/FreeTrialType'
- description: The type of scan covered by the Amazon Inspector free trail.
description: An object that contains information about the Amazon Inspector free trial for an account.
FreeTrialInfoErrorCode:
type: string
enum:
- ACCESS_DENIED
- INTERNAL_ERROR
FreeTrialInfoError:
type: object
required:
- accountId
- code
- message
properties:
accountId:
allOf:
- $ref: '#/components/schemas/MeteringAccountId'
- description: The account associated with the Amazon Inspector free trial information.
code:
allOf:
- $ref: '#/components/schemas/FreeTrialInfoErrorCode'
- description: The error code.
message:
allOf:
- $ref: '#/components/schemas/String'
- description: The error message returned.
description: Information about an error received while accessing free trail data for an account.
GetConfigurationRequest:
type: object
title: GetConfigurationRequest
properties: {}
GetDelegatedAdminAccountRequest:
type: object
title: GetDelegatedAdminAccountRequest
properties: {}
GetEc2DeepInspectionConfigurationRequest:
type: object
title: GetEc2DeepInspectionConfigurationRequest
properties: {}
PathList:
type: array
items:
$ref: '#/components/schemas/Path'
minItems: 0
maxItems: 5
ResourceType:
type: string
enum:
- AWS_EC2_INSTANCE
- AWS_ECR_CONTAINER_IMAGE
- AWS_ECR_REPOSITORY
- AWS_LAMBDA_FUNCTION
GetEncryptionKeyRequest:
type: object
title: GetEncryptionKeyRequest
properties: {}
KmsKeyArn:
type: string
pattern: '^arn:aws(-(us-gov|cn))?:kms:([a-z0-9][-.a-z0-9]{0,62})?:[0-9]{12}?:key/(([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})|(mrk-[0-9a-zA-Z]{32}))$'
GetFindingsReportStatusRequest:
type: object
title: GetFindingsReportStatusRequest
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The ID of the report to retrieve the status of.
ReportingErrorCode:
type: string
enum:
- INTERNAL_ERROR
- INVALID_PERMISSIONS
- NO_FINDINGS_FOUND
- BUCKET_NOT_FOUND
- INCOMPATIBLE_BUCKET_REGION
- MALFORMED_KMS_KEY
GetMemberRequest:
type: object
required:
- accountId
title: GetMemberRequest
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the member account to retrieve information on.
Member:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the member account.
delegatedAdminAccountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The Amazon Web Services account ID of the Amazon Inspector delegated administrator for this member account.
relationshipStatus:
allOf:
- $ref: '#/components/schemas/RelationshipStatus'
- description: The status of the member account.
updatedAt:
allOf:
- $ref: '#/components/schemas/DateTimeTimestamp'
- description: A timestamp showing when the status of this member was last updated.
description: Details on a member account in your organization.
GetSbomExportRequest:
type: object
required:
- reportId
title: GetSbomExportRequest
properties:
reportId:
allOf:
- $ref: '#/components/schemas/ReportId'
- description: The report ID of the SBOM export to get details for.
ImageLayerSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
IpV4Address:
type: string
pattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$'
minLength: 7
maxLength: 15
IpV6Address:
type: string
minLength: 1
maxLength: 47
LambdaFunctionSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
LambdaLayerList:
type: array
items:
$ref: '#/components/schemas/String'
minItems: 0
maxItems: 5
LambdaFunctionMetadata:
type: object
properties:
functionName:
allOf:
- $ref: '#/components/schemas/String'
- description: The name of a function.
functionTags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The resource tags on an AWS Lambda function.
layers:
allOf:
- $ref: '#/components/schemas/LambdaLayerList'
- description: The layers for an AWS Lambda function. A Lambda function can have up to five layers.
runtime:
allOf:
- $ref: '#/components/schemas/Runtime'
- description: An AWS Lambda function's runtime.
description: The AWS Lambda function metadata.
LambdaLayerSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
SecurityGroupIdList:
type: array
items:
$ref: '#/components/schemas/SecurityGroupId'
minItems: 0
maxItems: 5
SubnetIdList:
type: array
items:
$ref: '#/components/schemas/SubnetId'
minItems: 0
maxItems: 16
VpcId:
type: string
pattern: '^vpc-([a-z0-9]{8}|[a-z0-9]{17}|\*)$'
ListAccountPermissionsMaxResults:
type: integer
minimum: 1
maximum: 1024
NextToken:
type: string
minLength: 0
maxLength: 1000000
Service:
type: string
enum:
- EC2
- ECR
- LAMBDA
ListAccountPermissionsRequest:
type: object
title: ListAccountPermissionsRequest
properties:
maxResults:
allOf:
- $ref: '#/components/schemas/ListAccountPermissionsMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
service:
allOf:
- $ref: '#/components/schemas/Service'
- description: The service scan type to check permissions for.
Permissions:
type: array
items:
$ref: '#/components/schemas/Permission'
minItems: 0
maxItems: 1024
ListCoverageMaxResults:
type: integer
minimum: 1
maximum: 200
ListCoverageRequest:
type: object
title: ListCoverageRequest
properties:
filterCriteria:
allOf:
- $ref: '#/components/schemas/CoverageFilterCriteria'
- description: An object that contains details on the filters to apply to the coverage data for your environment.
maxResults:
allOf:
- $ref: '#/components/schemas/ListCoverageMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
ListCoverageStatisticsRequest:
type: object
title: ListCoverageStatisticsRequest
properties:
filterCriteria:
allOf:
- $ref: '#/components/schemas/CoverageFilterCriteria'
- description: An object that contains details on the filters to apply to the coverage data for your environment.
groupBy:
allOf:
- $ref: '#/components/schemas/GroupKey'
- description: The value to group the results by.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
ListDelegatedAdminMaxResults:
type: integer
minimum: 1
maximum: 5
ListDelegatedAdminAccountsRequest:
type: object
title: ListDelegatedAdminAccountsRequest
properties:
maxResults:
allOf:
- $ref: '#/components/schemas/ListDelegatedAdminMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
ListFilterMaxResults:
type: integer
minimum: 1
maximum: 100
ListFiltersRequest:
type: object
title: ListFiltersRequest
properties:
action:
allOf:
- $ref: '#/components/schemas/FilterAction'
- description: The action the filter applies to matched findings.
arns:
allOf:
- $ref: '#/components/schemas/FilterArnList'
- description: The Amazon resource number (ARN) of the filter.
maxResults:
allOf:
- $ref: '#/components/schemas/ListFilterMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
ListFindingAggregationsMaxResults:
type: integer
minimum: 1
maximum: 100
ListFindingAggregationsRequest:
type: object
required:
- aggregationType
title: ListFindingAggregationsRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/StringFilterList'
- description: The Amazon Web Services account IDs to retrieve finding aggregation data for.
aggregationRequest:
allOf:
- $ref: '#/components/schemas/AggregationRequest'
- description: Details of the aggregation request that is used to filter your aggregation results.
aggregationType:
allOf:
- $ref: '#/components/schemas/AggregationType'
- description: The type of the aggregation request.
maxResults:
allOf:
- $ref: '#/components/schemas/ListFindingAggregationsMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
ListFindingsMaxResults:
type: integer
minimum: 1
maximum: 100
SortCriteria:
type: object
required:
- field
- sortOrder
properties:
field:
allOf:
- $ref: '#/components/schemas/SortField'
- description: The finding detail field by which results are sorted.
sortOrder:
allOf:
- $ref: '#/components/schemas/SortOrder'
- description: The order by which findings are sorted.
description: Details about the criteria used to sort finding results.
ListFindingsRequest:
type: object
title: ListFindingsRequest
properties:
filterCriteria:
allOf:
- $ref: '#/components/schemas/FilterCriteria'
- description: Details on the filters to apply to your finding results.
maxResults:
allOf:
- $ref: '#/components/schemas/ListFindingsMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
sortCriteria:
allOf:
- $ref: '#/components/schemas/SortCriteria'
- description: Details on the sort criteria to apply to your finding results.
ListMembersMaxResults:
type: integer
minimum: 1
maximum: 50
ListMembersRequest:
type: object
title: ListMembersRequest
properties:
maxResults:
allOf:
- $ref: '#/components/schemas/ListMembersMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
onlyAssociated:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: Specifies whether to list only currently associated members if True or to list all members within the organization if False.
MemberList:
type: array
items:
$ref: '#/components/schemas/Member'
minItems: 0
maxItems: 50
ListTagsForResourceRequest:
type: object
title: ListTagsForResourceRequest
properties: {}
ListUsageTotalsMaxResults:
type: integer
minimum: 1
maximum: 500
ListUsageTotalsNextToken:
type: string
minLength: 1
UsageAccountIdList:
type: array
items:
$ref: '#/components/schemas/UsageAccountId'
minItems: 1
maxItems: 7000
ListUsageTotalsRequest:
type: object
title: ListUsageTotalsRequest
properties:
accountIds:
allOf:
- $ref: '#/components/schemas/UsageAccountIdList'
- description: The Amazon Web Services account IDs to retrieve usage totals for.
maxResults:
allOf:
- $ref: '#/components/schemas/ListUsageTotalsMaxResults'
- description: The maximum number of results to return in the response.
nextToken:
allOf:
- $ref: '#/components/schemas/ListUsageTotalsNextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
UsageTotalList:
type: array
items:
$ref: '#/components/schemas/UsageTotal'
MapComparison:
type: string
enum:
- EQUALS
MapKey:
type: string
minLength: 1
maxLength: 128
MapFilter:
type: object
required:
- comparison
- key
properties:
comparison:
allOf:
- $ref: '#/components/schemas/MapComparison'
- description: The operator to use when comparing values in the filter.
key:
allOf:
- $ref: '#/components/schemas/MapKey'
- description: The tag key used in the filter.
value:
allOf:
- $ref: '#/components/schemas/MapValue'
- description: The tag value used in the filter.
description: An object that describes details of a map filter.
MemberAccountEc2DeepInspectionStatusState:
type: object
required:
- accountId
properties:
accountId:
allOf:
- $ref: '#/components/schemas/AccountId'
- description: The unique identifier for the Amazon Web Services account of the organization member
errorMessage:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The error message explaining why the account failed to activate Amazon Inspector deep inspection.
status:
allOf:
- $ref: '#/components/schemas/Ec2DeepInspectionStatus'
- description: The state of Amazon Inspector deep inspection in the member account.
description: An object that contains details about the state of Amazon Inspector deep inspection for a member account.
MonthlyCostEstimate:
type: number
format: double
minimum: 0
StepList:
type: array
items:
$ref: '#/components/schemas/Step'
minItems: 1
maxItems: 30
NetworkPath:
type: object
properties:
steps:
allOf:
- $ref: '#/components/schemas/StepList'
- description: The details on the steps in the network path.
description: Information on the network path associated with a finding.
NetworkProtocol:
type: string
enum:
- TCP
- UDP
PortRange:
type: object
required:
- begin
- end
properties:
begin:
allOf:
- $ref: '#/components/schemas/Port'
- description: The beginning port in a port range.
end:
allOf:
- $ref: '#/components/schemas/Port'
- description: The ending port in a port range.
description: Details about the port range associated with a finding.
NonEmptyStringList:
type: array
items:
$ref: '#/components/schemas/NonEmptyString'
NumberFilter:
type: object
properties:
lowerInclusive:
allOf:
- $ref: '#/components/schemas/Double'
- description: The lowest number to be included in the filter.
upperInclusive:
allOf:
- $ref: '#/components/schemas/Double'
- description: The highest number to be included in the filter.
description: An object that describes the details of a number filter.
Operation:
type: string
enum:
- ENABLE_SCANNING
- DISABLE_SCANNING
- ENABLE_REPOSITORY
- DISABLE_REPOSITORY
PackageSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
PackageArchitecture:
type: string
minLength: 1
maxLength: 64
PackageEpoch:
type: integer
PackageFilter:
type: object
properties:
architecture:
allOf:
- $ref: '#/components/schemas/StringFilter'
- description: An object that contains details on the package architecture type to filter on.
epoch:
allOf:
- $ref: '#/components/schemas/NumberFilter'
- description: An object that contains details on the package epoch to filter on.
name:
allOf:
- $ref: '#/components/schemas/StringFilter'
- description: An object that contains details on the name of the package to filter on.
release:
allOf:
- $ref: '#/components/schemas/StringFilter'
- description: An object that contains details on the package release to filter on.
sourceLambdaLayerArn:
$ref: '#/components/schemas/StringFilter'
sourceLayerHash:
allOf:
- $ref: '#/components/schemas/StringFilter'
- description: An object that contains details on the source layer hash to filter on.
version:
allOf:
- $ref: '#/components/schemas/StringFilter'
- description: The package version to filter on.
description: Contains information on the details of a package filter.
PackageManager:
type: string
enum:
- BUNDLER
- CARGO
- COMPOSER
- NPM
- NUGET
- PIPENV
- POETRY
- YARN
- GOBINARY
- GOMOD
- JAR
- OS
- PIP
- PYTHONPKG
- NODEPKG
- POM
- GEMSPEC
PackageName:
type: string
minLength: 1
maxLength: 1024
PackageRelease:
type: string
minLength: 1
maxLength: 1024
PackageVersion:
type: string
minLength: 1
maxLength: 1024
VulnerabilityIdList:
type: array
items:
$ref: '#/components/schemas/VulnerabilityId'
VulnerabilityId:
type: string
minLength: 1
maxLength: 128
VulnerablePackageList:
type: array
items:
$ref: '#/components/schemas/VulnerablePackage'
Permission:
type: object
required:
- operation
- service
properties:
operation:
allOf:
- $ref: '#/components/schemas/Operation'
- description: The operations that can be performed with the given permissions.
service:
allOf:
- $ref: '#/components/schemas/Service'
- description: The services that the permissions allow an account to perform the given operations for.
description: Contains information on the permissions an account has within Amazon Inspector.
Port:
type: integer
minimum: 0
maximum: 65535
PortRangeFilter:
type: object
properties:
beginInclusive:
allOf:
- $ref: '#/components/schemas/Port'
- description: The port number the port range begins at.
endInclusive:
allOf:
- $ref: '#/components/schemas/Port'
- description: The port number the port range ends at.
description: An object that describes the details of a port range filter.
Recommendation:
type: object
properties:
Url:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The URL address to the CVE remediation recommendations.
text:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The recommended course of action to remediate the finding.
description: Details about the recommended course of action to remediate the finding.
RelatedVulnerability:
type: string
minLength: 0
RelatedVulnerabilities:
type: array
items:
$ref: '#/components/schemas/RelatedVulnerability'
minItems: 0
maxItems: 100
RepositorySortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
- AFFECTED_IMAGES
ResetEncryptionKeyRequest:
type: object
required:
- resourceType
- scanType
title: ResetEncryptionKeyRequest
properties:
resourceType:
allOf:
- $ref: '#/components/schemas/ResourceType'
- description: The resource type the key encrypts.
scanType:
allOf:
- $ref: '#/components/schemas/ScanType'
- description: The scan type the key encrypts.
ResourceDetails:
type: object
properties:
awsEc2Instance:
allOf:
- $ref: '#/components/schemas/AwsEc2InstanceDetails'
- description: An object that contains details about the Amazon EC2 instance involved in the finding.
awsEcrContainerImage:
allOf:
- $ref: '#/components/schemas/AwsEcrContainerImageDetails'
- description: An object that contains details about the Amazon ECR container image involved in the finding.
awsLambdaFunction:
allOf:
- $ref: '#/components/schemas/AwsLambdaFunctionDetails'
- description: A summary of the information about an AWS Lambda function affected by a finding.
description: Contains details about the resource involved in the finding.
Resource:
type: object
required:
- id
- type
properties:
details:
allOf:
- $ref: '#/components/schemas/ResourceDetails'
- description: An object that contains details about the resource involved in a finding.
id:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The ID of the resource.
partition:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The partition of the resource.
region:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The Amazon Web Services Region the impacted resource is located in.
tags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The tags attached to the resource.
type:
allOf:
- $ref: '#/components/schemas/ResourceType'
- description: The type of resource.
description: Details about the resource involved in a finding.
ResourceMapComparison:
type: string
enum:
- EQUALS
ResourceMapFilter:
type: object
required:
- comparison
- key
properties:
comparison:
allOf:
- $ref: '#/components/schemas/ResourceMapComparison'
- description: The filter's comparison.
key:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The filter's key.
value:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The filter's value.
description: A resource map filter for a software bill of material report.
ResourceStringComparison:
type: string
enum:
- EQUALS
- NOT_EQUALS
ResourceStringInput:
type: string
minLength: 1
maxLength: 1024
ResourceStringFilter:
type: object
required:
- comparison
- value
properties:
comparison:
allOf:
- $ref: '#/components/schemas/ResourceStringComparison'
- description: The filter's comparison.
value:
allOf:
- $ref: '#/components/schemas/ResourceStringInput'
- description: The filter's value.
description: A resource string filter for a software bill of materials report.
ScanStatusReason:
type: string
enum:
- PENDING_INITIAL_SCAN
- ACCESS_DENIED
- INTERNAL_ERROR
- UNMANAGED_EC2_INSTANCE
- UNSUPPORTED_OS
- SCAN_ELIGIBILITY_EXPIRED
- RESOURCE_TERMINATED
- SUCCESSFUL
- NO_RESOURCES_FOUND
- IMAGE_SIZE_EXCEEDED
- SCAN_FREQUENCY_MANUAL
- SCAN_FREQUENCY_SCAN_ON_PUSH
- EC2_INSTANCE_STOPPED
- PENDING_DISABLE
- NO_INVENTORY
- STALE_INVENTORY
- EXCLUDED_BY_TAG
- UNSUPPORTED_RUNTIME
- UNSUPPORTED_MEDIA_TYPE
- UNSUPPORTED_CONFIG_FILE
- DEEP_INSPECTION_PACKAGE_COLLECTION_LIMIT_EXCEEDED
- DEEP_INSPECTION_DAILY_SSM_INVENTORY_LIMIT_EXCEEDED
- DEEP_INSPECTION_COLLECTION_TIME_LIMIT_EXCEEDED
- DEEP_INSPECTION_NO_INVENTORY
ScanStatusCode:
type: string
enum:
- ACTIVE
- INACTIVE
SearchVulnerabilitiesFilterCriteria:
type: object
required:
- vulnerabilityIds
properties:
vulnerabilityIds:
allOf:
- $ref: '#/components/schemas/VulnIdList'
- description: The IDs for specific vulnerabilities.
description: 'Details on the criteria used to define the filter for a vulnerability search. '
SearchVulnerabilitiesRequest:
type: object
required:
- filterCriteria
title: SearchVulnerabilitiesRequest
properties:
filterCriteria:
allOf:
- $ref: '#/components/schemas/SearchVulnerabilitiesFilterCriteria'
- description: The criteria used to filter the results of a vulnerability search.
nextToken:
allOf:
- $ref: '#/components/schemas/NextToken'
- description: 'A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request to a list action. For subsequent calls, use
the NextToken value returned from the previous request to continue listing results after the first page.'
Vulnerabilities:
type: array
items:
$ref: '#/components/schemas/Vulnerability'
minItems: 0
maxItems: 1
SecurityGroupId:
type: string
pattern: '^sg-([a-z0-9]{8}|[a-z0-9]{17}|\*)$'
SourceLayerHash:
type: string
pattern: '^sha256:[a-z0-9]{64}$'
minLength: 71
maxLength: 71
Step:
type: object
required:
- componentId
- componentType
properties:
componentId:
allOf:
- $ref: '#/components/schemas/Component'
- description: The component ID.
componentType:
allOf:
- $ref: '#/components/schemas/ComponentType'
- description: The component type.
description: Details about the step associated with a finding.
StringComparison:
type: string
enum:
- EQUALS
- PREFIX
- NOT_EQUALS
StringInput:
type: string
minLength: 1
maxLength: 1024
SubnetId:
type: string
pattern: '^subnet-([a-z0-9]{8}|[a-z0-9]{17}|\*)$'
SuggestedFixCodeString:
type: string
minLength: 1
maxLength: 2500
SuggestedFixDescriptionString:
type: string
minLength: 1
maxLength: 1000
SuggestedFix:
type: object
properties:
code:
allOf:
- $ref: '#/components/schemas/SuggestedFixCodeString'
- description: The fix's code.
description:
allOf:
- $ref: '#/components/schemas/SuggestedFixDescriptionString'
- description: The fix's description.
description: A suggested fix for a vulnerability in your Lambda function code.
TagKeyList:
type: array
items:
$ref: '#/components/schemas/TagKey'
minItems: 0
maxItems: 50
TagResourceRequest:
type: object
required:
- tags
title: TagResourceRequest
properties:
tags:
allOf:
- $ref: '#/components/schemas/TagMap'
- description: The tags to be added to a resource.
Target:
type: string
minLength: 0
maxLength: 50
TitleSortBy:
type: string
enum:
- CRITICAL
- HIGH
- ALL
Tool:
type: string
minLength: 0
Ttp:
type: string
minLength: 0
maxLength: 30
UntagResourceRequest:
type: object
title: UntagResourceRequest
properties: {}
UpdateConfigurationRequest:
type: object
required:
- ecrConfiguration
title: UpdateConfigurationRequest
properties:
ecrConfiguration:
allOf:
- $ref: '#/components/schemas/EcrConfiguration'
- description: Specifies how the ECR automated re-scan will be updated for your environment.
UpdateEc2DeepInspectionConfigurationRequest:
type: object
title: UpdateEc2DeepInspectionConfigurationRequest
properties:
activateDeepInspection:
allOf:
- $ref: '#/components/schemas/Boolean'
- description: 'Specify TRUE to activate Amazon Inspector deep inspection in your account, or FALSE to deactivate. Member accounts in an organization cannot deactivate
deep inspection, instead the delegated administrator for the organization can deactivate a member account using BatchUpdateMemberEc2DeepInspectionStatus.'
packagePaths:
allOf:
- $ref: '#/components/schemas/PathList'
- description: The Amazon Inspector deep inspection custom paths you are adding for your account.
UpdateEncryptionKeyRequest:
type: object
required:
- kmsKeyId
- resourceType
- scanType
title: UpdateEncryptionKeyRequest
properties:
kmsKeyId:
allOf:
- $ref: '#/components/schemas/KmsKeyArn'
- description: A KMS key ID for the encryption key.
resourceType:
allOf:
- $ref: '#/components/schemas/ResourceType'
- description: The resource type for the encryption key.
scanType:
allOf:
- $ref: '#/components/schemas/ScanType'
- description: The scan type for the encryption key.
UpdateFilterRequest:
type: object
required:
- filterArn
title: UpdateFilterRequest
properties:
action:
allOf:
- $ref: '#/components/schemas/FilterAction'
- description: Specifies the action that is to be applied to the findings that match the filter.
description:
allOf:
- $ref: '#/components/schemas/FilterDescription'
- description: A description of the filter.
filterArn:
allOf:
- $ref: '#/components/schemas/FilterArn'
- description: The Amazon Resource Number (ARN) of the filter to update.
filterCriteria:
allOf:
- $ref: '#/components/schemas/FilterCriteria'
- description: Defines the criteria to be update in the filter.
name:
allOf:
- $ref: '#/components/schemas/FilterName'
- description: The name of the filter.
reason:
allOf:
- $ref: '#/components/schemas/FilterReason'
- description: The reason the filter was updated.
UpdateOrgEc2DeepInspectionConfigurationRequest:
type: object
required:
- orgPackagePaths
title: UpdateOrgEc2DeepInspectionConfigurationRequest
properties:
orgPackagePaths:
allOf:
- $ref: '#/components/schemas/PathList'
- description: The Amazon Inspector deep inspection custom paths you are adding for your organization.
UpdateOrganizationConfigurationRequest:
type: object
required:
- autoEnable
title: UpdateOrganizationConfigurationRequest
properties:
autoEnable:
allOf:
- $ref: '#/components/schemas/AutoEnable'
- description: Defines which scan types are enabled automatically for new members of your Amazon Inspector organization.
UsageValue:
type: number
format: double
minimum: 0
UsageType:
type: string
enum:
- EC2_INSTANCE_HOURS
- ECR_INITIAL_SCAN
- ECR_RESCAN
- LAMBDA_FUNCTION_HOURS
- LAMBDA_FUNCTION_CODE_HOURS
Usage:
type: object
properties:
currency:
allOf:
- $ref: '#/components/schemas/Currency'
- description: The currency type used when calculating usage data.
estimatedMonthlyCost:
allOf:
- $ref: '#/components/schemas/MonthlyCostEstimate'
- description: The estimated monthly cost of Amazon Inspector.
total:
allOf:
- $ref: '#/components/schemas/UsageValue'
- description: The total of usage.
type:
allOf:
- $ref: '#/components/schemas/UsageType'
- description: The type scan.
description: Contains usage information about the cost of Amazon Inspector operation.
UsageList:
type: array
items:
$ref: '#/components/schemas/Usage'
UsageTotal:
type: object
properties:
accountId:
allOf:
- $ref: '#/components/schemas/MeteringAccountId'
- description: The account ID of the account that usage data was retrieved for.
usage:
allOf:
- $ref: '#/components/schemas/UsageList'
- description: An object representing the total usage for an account.
description: The total of usage for an account ID.
VendorCreatedAt:
type: string
format: date-time
VendorSeverity:
type: string
minLength: 1
maxLength: 64
VendorUpdatedAt:
type: string
format: date-time
VulnId:
type: string
pattern: '^CVE-[12][0-9]{3}-[0-9]{1,10}$'
Vulnerability:
type: object
required:
- id
properties:
atigData:
allOf:
- $ref: '#/components/schemas/AtigData'
- description: An object that contains information about the Amazon Web Services Threat Intel Group (ATIG) details for the vulnerability.
cisaData:
allOf:
- $ref: '#/components/schemas/CisaData'
- description: An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.
cvss2:
allOf:
- $ref: '#/components/schemas/Cvss2'
- description: An object that contains the Common Vulnerability Scoring System (CVSS) Version 2 details for the vulnerability.
cvss3:
allOf:
- $ref: '#/components/schemas/Cvss3'
- description: An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.
cwes:
allOf:
- $ref: '#/components/schemas/Cwes'
- description: The Common Weakness Enumeration (CWE) associated with the vulnerability.
description:
allOf:
- $ref: '#/components/schemas/VulnerabilityDescription'
- description: A description of the vulnerability.
detectionPlatforms:
allOf:
- $ref: '#/components/schemas/DetectionPlatforms'
- description: Platforms that the vulnerability can be detected on.
epss:
allOf:
- $ref: '#/components/schemas/Epss'
- description: An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.
exploitObserved:
allOf:
- $ref: '#/components/schemas/ExploitObserved'
- description: An object that contains details on when the exploit was observed.
id:
allOf:
- $ref: '#/components/schemas/NonEmptyString'
- description: The ID for the specific vulnerability.
referenceUrls:
allOf:
- $ref: '#/components/schemas/VulnerabilityReferenceUrls'
- description: 'Links to various resources with more information on this vulnerability. '
relatedVulnerabilities:
allOf:
- $ref: '#/components/schemas/RelatedVulnerabilities'
- description: A list of related vulnerabilities.
source:
allOf:
- $ref: '#/components/schemas/VulnerabilitySource'
- description: The source of the vulnerability information.
sourceUrl:
allOf:
- $ref: '#/components/schemas/VulnerabilitySourceUrl'
- description: A link to the official source material for this vulnerability.
vendorCreatedAt:
allOf:
- $ref: '#/components/schemas/VendorCreatedAt'
- description: The date and time when the vendor created this vulnerability.
vendorSeverity:
allOf:
- $ref: '#/components/schemas/VendorSeverity'
- description: The severity assigned by the vendor.
vendorUpdatedAt:
allOf:
- $ref: '#/components/schemas/VendorUpdatedAt'
- description: The date and time when the vendor last updated this vulnerability.
description: Contains details about a specific vulnerability Amazon Inspector can detect.
VulnerabilityDescription:
type: string
VulnerabilitySource:
type: string
enum:
- NVD
VulnerabilitySourceUrl:
type: string
minLength: 0
VulnerabilityReferenceUrl:
type: string
minLength: 0
VulnerablePackageRemediation:
type: string
minLength: 1
maxLength: 1024
VulnerablePackage:
type: object
required:
- name
- version
properties:
arch:
allOf:
- $ref: '#/components/schemas/PackageArchitecture'
- description: The architecture of the vulnerable package.
epoch:
allOf:
- $ref: '#/components/schemas/PackageEpoch'
- description: The epoch of the vulnerable package.
filePath:
allOf:
- $ref: '#/components/schemas/FilePath'
- description: The file path of the vulnerable package.
fixedInVersion:
allOf:
- $ref: '#/components/schemas/PackageVersion'
- description: The version of the package that contains the vulnerability fix.
name:
allOf:
- $ref: '#/components/schemas/PackageName'
- description: The name of the vulnerable package.
packageManager:
allOf:
- $ref: '#/components/schemas/PackageManager'
- description: The package manager of the vulnerable package.
release:
allOf:
- $ref: '#/components/schemas/PackageRelease'
- description: The release of the vulnerable package.
remediation:
allOf:
- $ref: '#/components/schemas/VulnerablePackageRemediation'
- description: The code to run in your environment to update packages with a fix available.
sourceLambdaLayerArn:
allOf:
- $ref: '#/components/schemas/LambdaLayerArn'
- description: The Amazon Resource Number (ARN) of the AWS Lambda function affected by a finding.
sourceLayerHash:
allOf:
- $ref: '#/components/schemas/SourceLayerHash'
- description: The source layer hash of the vulnerable package.
version:
allOf:
- $ref: '#/components/schemas/PackageVersion'
- description: The version of the vulnerable package.
description: Information on the vulnerable package identified by a finding.
security:
- hmac: []