UpdateCase - AWS Security Incident Response

UpdateCase

Updates an existing case.

Request Syntax

POST /v1/cases/caseId/update-case HTTP/1.1
Content-type: application/json

{
   "actualIncidentStartDate": number,
   "caseMetadata": [
      {
         "key": "string",
         "value": "string"
      }
   ],
   "description": "string",
   "engagementType": "string",
   "impactedAccountsToAdd": [ "string" ],
   "impactedAccountsToDelete": [ "string" ],
   "impactedAwsRegionsToAdd": [
      {
         "region": "string"
      }
   ],
   "impactedAwsRegionsToDelete": [
      {
         "region": "string"
      }
   ],
   "impactedServicesToAdd": [ "string" ],
   "impactedServicesToDelete": [ "string" ],
   "reportedIncidentStartDate": number,
   "threatActorIpAddressesToAdd": [
      {
         "ipAddress": "string",
         "userAgent": "string"
      }
   ],
   "threatActorIpAddressesToDelete": [
      {
         "ipAddress": "string",
         "userAgent": "string"
      }
   ],
   "title": "string",
   "watchersToAdd": [
      {
         "email": "string",
         "jobTitle": "string",
         "name": "string"
      }
   ],
   "watchersToDelete": [
      {
         "email": "string",
         "jobTitle": "string",
         "name": "string"
      }
   ]
}

URI Request Parameters

The request uses the following URI parameters.

caseId

Required element for UpdateCase to identify the case ID for updates.

Length Constraints: Minimum length of 10. Maximum length of 32.

Pattern: \d{10,32}.*

Required: Yes

Request Body

The request accepts the following data in JSON format.

actualIncidentStartDate

Optional element for UpdateCase to provide content for the incident start date field.

Type: Timestamp

Required: No

caseMetadata

Metadata entries to update for the case. This allows you to modify custom key-value pairs associated with the case for organizational and tracking purposes.

Type: Array of CaseMetadataEntry objects

Array Members: Minimum number of 1 item. Maximum number of 30 items.

Required: No

description

Optional element for UpdateCase to provide content for the description field.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 8000.

Required: No

engagementType

Optional element for UpdateCase to provide content for the engagement type field. Available engagement types include Security Incident | Investigation.

Type: String

Valid Values: Security Incident | Investigation

Required: No

impactedAccountsToAdd

Optional element for UpdateCase to provide content to add accounts impacted.

Note

AWS account IDs may appear shorter than 12 characters and need to be zero-prepended. An example would be 123123123, which is nine digits, and with zero-prepend would be 000123123123. Not zero-prepending to 12 digits could result in errors.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 200 items.

Length Constraints: Fixed length of 12.

Pattern: [0-9]{12}

Required: No

impactedAccountsToDelete

Optional element for UpdateCase to provide content to remove accounts impacted.

Note

AWS account IDs may appear shorter than 12 characters and need to be zero-prepended. An example would be 123123123, which is nine digits, and with zero-prepend would be 000123123123. Not zero-prepending to 12 digits could result in errors.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 200 items.

Length Constraints: Fixed length of 12.

Pattern: [0-9]{12}

Required: No

impactedAwsRegionsToAdd

Optional element for UpdateCase to provide content to add regions impacted.

Type: Array of ImpactedAwsRegion objects

Array Members: Minimum number of 0 items. Maximum number of 50 items.

Required: No

impactedAwsRegionsToDelete

Optional element for UpdateCase to provide content to remove regions impacted.

Type: Array of ImpactedAwsRegion objects

Array Members: Minimum number of 0 items. Maximum number of 50 items.

Required: No

impactedServicesToAdd

Optional element for UpdateCase to provide content to add services impacted.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 600 items.

Length Constraints: Minimum length of 2. Maximum length of 50.

Pattern: [a-zA-Z0-9 -.():]+

Required: No

impactedServicesToDelete

Optional element for UpdateCase to provide content to remove services impacted.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 600 items.

Length Constraints: Minimum length of 2. Maximum length of 50.

Pattern: [a-zA-Z0-9 -.():]+

Required: No

reportedIncidentStartDate

Optional element for UpdateCase to provide content for the customer reported incident start date field.

Type: Timestamp

Required: No

threatActorIpAddressesToAdd

Optional element for UpdateCase to provide content to add additional suspicious IP addresses related to a case.

Type: Array of ThreatActorIp objects

Array Members: Minimum number of 0 items. Maximum number of 500 items.

Required: No

threatActorIpAddressesToDelete

Optional element for UpdateCase to provide content to remove suspicious IP addresses from a case.

Type: Array of ThreatActorIp objects

Array Members: Minimum number of 0 items. Maximum number of 500 items.

Required: No

title

Optional element for UpdateCase to provide content for the title field.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 300.

Required: No

watchersToAdd

Optional element for UpdateCase to provide content to add additional watchers to a case.

Type: Array of Watcher objects

Array Members: Minimum number of 0 items. Maximum number of 30 items.

Required: No

watchersToDelete

Optional element for UpdateCase to provide content to remove existing watchers from a case.

Type: Array of Watcher objects

Array Members: Minimum number of 0 items. Maximum number of 30 items.

Required: No
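
A pre-flight check for some of the request-body constraints listed above, as an added example (not AWS code or part of the original reference). `normalize_account_id` and `build_update_case_body` are hypothetical helper names; the code validates the account, service, title, description and engagementType fields and makes no API call.

```python
import re

# Limits copied from the Request Body section of this page.
LIST_LIMITS = {"impactedAccountsToAdd": 200, "impactedAccountsToDelete": 200,
               "impactedServicesToAdd": 600, "impactedServicesToDelete": 600}
TEXT_LIMITS = {"title": 300, "description": 8000}
ENGAGEMENT_TYPES = {"Security Incident", "Investigation"}
SERVICE_PATTERN = re.compile(r"[a-zA-Z0-9 -.():]+")


def normalize_account_id(raw):
    """Zero-prepend an account ID to the fixed 12-digit form the API requires."""
    # IDs exported through a spreadsheet or an int column lose leading zeros.
    digits = str(raw).strip()
    if not re.fullmatch(r"[0-9]{1,12}", digits):
        raise ValueError(f"not an AWS account ID: {raw!r}")
    return digits.zfill(12)


def build_update_case_body(**fields):
    """Validate the covered fields locally and return the JSON-ready body."""
    body = {}
    for name, value in fields.items():
        if name in LIST_LIMITS:
            if len(value) > LIST_LIMITS[name]:
                raise ValueError(f"{name}: more than {LIST_LIMITS[name]} items")
            if name.startswith("impactedAccounts"):
                value = [normalize_account_id(v) for v in value]
            else:
                bad = [v for v in value
                       if not (2 <= len(v) <= 50 and SERVICE_PATTERN.fullmatch(v))]
                if bad:
                    raise ValueError(f"{name}: invalid service names {bad!r}")
        elif name in TEXT_LIMITS:
            if not 1 <= len(value) <= TEXT_LIMITS[name]:
                raise ValueError(f"{name}: length must be 1..{TEXT_LIMITS[name]}")
        elif name == "engagementType":
            if value not in ENGAGEMENT_TYPES:
                raise ValueError(f"engagementType: {value!r} is not a valid value")
        else:
            raise ValueError(f"{name}: not handled by this example")
        body[name] = value
    return body


# Constructed sample input: the first ID lost its leading zeros in an export.
SAMPLE = build_update_case_body(
    title="Suspicious IAM activity", impactedAccountsToAdd=[123123123, "000123123124"],
    impactedServicesToAdd=["Amazon EC2", "AWS Identity and Access Management (IAM)"])
```

Read as a regular expression, the ` -.` inside the service-name character class is a range from space to period, so the pattern as written also admits characters such as `&` and `+`; treat it as a format check rather than a strict allow-list.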

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

message

The ID of the resource which led to the access denial.

HTTP Status Code: 403

ConflictException

Returned when there is a conflict with the current state of the resource.

For UpdateResolverType, this error may occur when attempting to change an AWS-supported case to Self-managed, which is not supported.

message

The exception message.

resourceId

The ID of the conflicting resource.

resourceType

The type of the conflicting resource.

HTTP Status Code: 409

InternalServerException

message

The exception message.

retryAfterSeconds

The number of seconds after which to retry the request.

HTTP Status Code: 500

InvalidTokenException

message

The exception message.

HTTP Status Code: 423

ResourceNotFoundException

message

The exception message.

HTTP Status Code: 404

SecurityIncidentResponseNotActiveException

message

The exception message.

HTTP Status Code: 400

ServiceQuotaExceededException

message

The exception message.

quotaCode

The code of the quota.

resourceId

The ID of the requested resource which led to the service quota exception.

resourceType

The type of the requested resource which led to the service quota exception.

serviceCode

The service code of the quota.

HTTP Status Code: 402

ThrottlingException

message

The exception message.

quotaCode

The quota code of the exception.

retryAfterSeconds

The number of seconds after which to retry the request.

serviceCode

The service code of the exception.

HTTP Status Code: 429

ValidationException

Returned when the request contains invalid parameters.

For UpdateResolverType, this error may occur when attempting an unsupported resolver type transition.

fieldList

The fields which lead to the exception.

message

The exception message.

reason

The reason for the exception.

HTTP Status Code: 400
