CreateCisScanConfiguration - Inspector
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

CreateCisScanConfiguration

Creates a CIS scan configuration.

Request Syntax

POST /cis/scan-configuration/create HTTP/1.1
Content-type: application/json

{
   "scanName": "string",
   "schedule": { ... },
   "securityLevel": "string",
   "tags": { 
      "string" : "string" 
   },
   "targets": { 
      "accountIds": [ "string" ],
      "targetResourceTags": { 
         "string" : [ "string" ]
      }
   }
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

scanName

The scan name for the CIS scan configuration.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: Yes

schedule

The schedule for the CIS scan configuration.

Type: Schedule object

Note: This object is a Union. Only one member of this object can be specified or returned.

Required: Yes

securityLevel

The security level for the CIS scan configuration. Security level refers to the Benchmark levels that CIS assigns to a profile.

Type: String

Valid Values: LEVEL_1 | LEVEL_2

Required: Yes

tags

The tags for the CIS scan configuration.

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 0. Maximum length of 256.

Required: No

targets

The targets for the CIS scan configuration.

Type: CreateCisTargets object

Required: Yes

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "scanConfigurationArn": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

scanConfigurationArn

The scan configuration ARN for the CIS scan configuration.

Type: String

Pattern: arn:aws(-us-gov|-cn)?:inspector2:[a-z]{2}(-gov)?-[a-z]+-[0-9]{1}:[0-9]{12}:owner/(o-[a-z0-9]+|[0-9]{12})/cis-configuration/[0-9a-fA-F-]+

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

For Enable, you receive this error if you attempt to use a feature in an unsupported AWS Region.

HTTP Status Code: 403

InternalServerException

The request has failed due to an internal failure of the Amazon Inspector service.

retryAfterSeconds

The number of seconds to wait before retrying the request.

HTTP Status Code: 500

ThrottlingException

The limit on the number of requests per second was exceeded.

retryAfterSeconds

The number of seconds to wait before retrying the request.

HTTP Status Code: 429

ValidationException

The request has failed validation due to missing required fields or having invalid inputs.

fields

The fields that failed validation.

reason

The reason for the validation failure.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: