StartMalwareScan - Amazon GuardDuty
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

StartMalwareScan

Initiates the malware scan. Invoking this API will automatically create the Service-linked role in the corresponding account if the resourceArn belongs to an EC2 instance.

When the malware scan starts, you can use the associated scan ID to track the status of the scan. For more information, see ListMalwareScans and GetMalwareScan.

When you use this API, the AWS service terms for GuardDuty Malware Protection apply. For more information, see AWS service terms for GuardDuty Malware Protection.

Request Syntax

POST /malware-scan/start HTTP/1.1
Content-type: application/json

{
   "clientToken": "string",
   "resourceArn": "string",
   "scanConfiguration": { 
      "incrementalScanDetails": { 
         "baselineResourceArn": "string"
      },
      "recoveryPoint": { 
         "backupVaultName": "string"
      },
      "role": "string"
   }
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

clientToken

The idempotency token for the create request.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 64.

Required: No

resourceArn

Amazon Resource Name (ARN) of the resource for which you invoked the API.

Type: String

Pattern: ^arn:[A-Za-z-]+:[A-Za-z0-9]+:[A-Za-z0-9-]+:\d+:(([A-Za-z0-9-]+)[:\/])?[A-Za-z0-9:-]*$

Required: Yes

scanConfiguration

Contains information about the configuration to be used for the malware scan.

Type: StartMalwareScanConfiguration object

Required: No

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "scanId": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

scanId

A unique identifier that gets generated when you invoke the API without any error. Each malware scan has a corresponding scan ID. Using this scan ID, you can monitor the status of your malware scan.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 200.

Errors

For information about the errors that are common to all actions, see Common Errors.

BadRequestException

A bad request exception object.

Message

The error message.

Type

The error type.

HTTP Status Code: 400

ConflictException

A request conflict exception object.

Message

The error message.

Type

The error type.

HTTP Status Code: 409

InternalServerErrorException

An internal server error exception object.

Message

The error message.

Type

The error type.

HTTP Status Code: 500

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: