This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html).

# AWS::InspectorV2::CodeSecurityScanConfiguration
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration"></a>

Creates a scan configuration for code security scanning.

## Syntax
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-syntax"></a>

To declare this entity in your CloudFormation template, use the following syntax:

### JSON
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-syntax.json"></a>

```
{
  "Type" : "AWS::InspectorV2::CodeSecurityScanConfiguration",
  "Properties" : {
      "[Configuration](#cfn-inspectorv2-codesecurityscanconfiguration-configuration)" : CodeSecurityScanConfiguration,
      "[Level](#cfn-inspectorv2-codesecurityscanconfiguration-level)" : String,
      "[Name](#cfn-inspectorv2-codesecurityscanconfiguration-name)" : String,
      "[ScopeSettings](#cfn-inspectorv2-codesecurityscanconfiguration-scopesettings)" : ScopeSettings,
      "[Tags](#cfn-inspectorv2-codesecurityscanconfiguration-tags)" : {Key: Value, ...}
    }
}
```

### YAML
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-syntax.yaml"></a>

```
Type: AWS::InspectorV2::CodeSecurityScanConfiguration
Properties:
  [Configuration](#cfn-inspectorv2-codesecurityscanconfiguration-configuration): 
    CodeSecurityScanConfiguration
  [Level](#cfn-inspectorv2-codesecurityscanconfiguration-level): String
  [Name](#cfn-inspectorv2-codesecurityscanconfiguration-name): String
  [ScopeSettings](#cfn-inspectorv2-codesecurityscanconfiguration-scopesettings): 
    ScopeSettings
  [Tags](#cfn-inspectorv2-codesecurityscanconfiguration-tags): 
    Key: Value
```

## Properties
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-properties"></a>

`Configuration`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-configuration"></a>
The configuration settings for the code security scan.  
*Required*: No  
*Type*: [CodeSecurityScanConfiguration](aws-properties-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration.md)  
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

`Level`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-level"></a>
The security level for the scan configuration.  
*Required*: No  
*Type*: String  
*Allowed values*: `ORGANIZATION | ACCOUNT`  
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

`Name`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-name"></a>
The name of the scan configuration.  
*Required*: No  
*Type*: String  
*Pattern*: `^[a-zA-Z0-9-_$:.]*$`  
*Minimum*: `1`  
*Maximum*: `60`  
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

`ScopeSettings`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-scopesettings"></a>
The scope settings that define which repositories will be scanned.  
*Required*: No  
*Type*: [ScopeSettings](aws-properties-inspectorv2-codesecurityscanconfiguration-scopesettings.md)  
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

`Tags`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-tags"></a>
The tags to apply to the scan configuration.  
*Required*: No  
*Type*: Object of String  
*Pattern*: `^.{2,127}$`  
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

## Return values
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-return-values"></a>

### Ref
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-return-values-ref"></a>

When you pass the logical ID of this resource to the intrinsic `Ref` function, `Ref` returns the ARN of the scan configuration.

For more information about using the `Ref` function, see [https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-ref.html).

 

### Fn::GetAtt
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-return-values-fn--getatt"></a>

The `Fn::GetAtt` intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the `Fn::GetAtt` intrinsic function, see [https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/intrinsic-function-reference-getatt.html).

#### 
<a name="aws-resource-inspectorv2-codesecurityscanconfiguration-return-values-fn--getatt-fn--getatt"></a>

`Arn`  <a name="Arn-fn::getatt"></a>
The Amazon Resource Name (ARN) of the scan configuration. 

# AWS::InspectorV2::CodeSecurityScanConfiguration CodeSecurityScanConfiguration
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration"></a>

Contains the configuration settings for code security scans.

## Syntax
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-syntax"></a>

To declare this entity in your CloudFormation template, use the following syntax:

### JSON
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-syntax.json"></a>

```
{
  "[continuousIntegrationScanConfiguration](#cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-continuousintegrationscanconfiguration)" : ContinuousIntegrationScanConfiguration,
  "[periodicScanConfiguration](#cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-periodicscanconfiguration)" : PeriodicScanConfiguration,
  "[ruleSetCategories](#cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-rulesetcategories)" : [ String, ... ]
}
```

### YAML
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-syntax.yaml"></a>

```
  [continuousIntegrationScanConfiguration](#cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-continuousintegrationscanconfiguration): 
    ContinuousIntegrationScanConfiguration
  [periodicScanConfiguration](#cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-periodicscanconfiguration): 
    PeriodicScanConfiguration
  [ruleSetCategories](#cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-rulesetcategories): 
    - String
```

## Properties
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-properties"></a>

`continuousIntegrationScanConfiguration`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-continuousintegrationscanconfiguration"></a>
Configuration settings for continuous integration scans that run automatically when code changes are made.  
*Required*: No  
*Type*: [ContinuousIntegrationScanConfiguration](aws-properties-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration.md)  
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

`periodicScanConfiguration`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-periodicscanconfiguration"></a>
Configuration settings for periodic scans that run on a scheduled basis.  
*Required*: No  
*Type*: [PeriodicScanConfiguration](aws-properties-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration.md)  
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

`ruleSetCategories`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-codesecurityscanconfiguration-rulesetcategories"></a>
The categories of security rules to be applied during the scan.  
*Required*: Yes  
*Type*: Array of String  
*Minimum*: `1`  
*Maximum*: `3`  
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

# AWS::InspectorV2::CodeSecurityScanConfiguration ContinuousIntegrationScanConfiguration
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration"></a>

Configuration settings for continuous integration scans that run automatically when code changes are made.

## Syntax
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration-syntax"></a>

To declare this entity in your CloudFormation template, use the following syntax:

### JSON
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration-syntax.json"></a>

```
{
  "[supportedEvents](#cfn-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration-supportedevents)" : [ String, ... ]
}
```

### YAML
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration-syntax.yaml"></a>

```
  [supportedEvents](#cfn-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration-supportedevents): 
    - String
```

## Properties
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration-properties"></a>

`supportedEvents`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-continuousintegrationscanconfiguration-supportedevents"></a>
The repository events that trigger continuous integration scans, such as pull requests or commits.  
*Required*: Yes  
*Type*: Array of String  
*Minimum*: `1`  
*Maximum*: `2`  
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

# AWS::InspectorV2::CodeSecurityScanConfiguration PeriodicScanConfiguration
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration"></a>

Configuration settings for periodic scans that run on a scheduled basis.

## Syntax
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-syntax"></a>

To declare this entity in your CloudFormation template, use the following syntax:

### JSON
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-syntax.json"></a>

```
{
  "[frequency](#cfn-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-frequency)" : String,
  "[frequencyExpression](#cfn-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-frequencyexpression)" : String
}
```

### YAML
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-syntax.yaml"></a>

```
  [frequency](#cfn-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-frequency): String
  [frequencyExpression](#cfn-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-frequencyexpression): String
```

## Properties
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-properties"></a>

`frequency`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-frequency"></a>
The frequency at which periodic scans are performed (such as weekly or monthly).  
If you don't provide the `frequencyExpression`Amazon Inspector chooses day for the scan to run. If you provide the `frequencyExpression`, the schedule must match the specified `frequency`.  
*Required*: No  
*Type*: String  
*Allowed values*: `WEEKLY | MONTHLY | NEVER`  
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

`frequencyExpression`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-periodicscanconfiguration-frequencyexpression"></a>
The schedule expression for periodic scans, in cron format.  
*Required*: No  
*Type*: String  
*Minimum*: `1`  
*Maximum*: `256`  
*Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

# AWS::InspectorV2::CodeSecurityScanConfiguration ScopeSettings
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-scopesettings"></a>

The scope settings that define which repositories will be scanned. If the `ScopeSetting` parameter is `ALL` the scan configuration applies to all existing and future projects imported into Amazon Inspector.

## Syntax
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-scopesettings-syntax"></a>

To declare this entity in your CloudFormation template, use the following syntax:

### JSON
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-scopesettings-syntax.json"></a>

```
{
  "[projectSelectionScope](#cfn-inspectorv2-codesecurityscanconfiguration-scopesettings-projectselectionscope)" : String
}
```

### YAML
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-scopesettings-syntax.yaml"></a>

```
  [projectSelectionScope](#cfn-inspectorv2-codesecurityscanconfiguration-scopesettings-projectselectionscope): String
```

## Properties
<a name="aws-properties-inspectorv2-codesecurityscanconfiguration-scopesettings-properties"></a>

`projectSelectionScope`  <a name="cfn-inspectorv2-codesecurityscanconfiguration-scopesettings-projectselectionscope"></a>
The scope of projects to be selected for scanning within the integrated repositories.  
*Required*: No  
*Type*: String  
*Allowed values*: `ALL`  
*Update requires*: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)