ScanSbom
Scans a provided CycloneDX 1.5 SBOM and reports on any vulnerabilities discovered in that SBOM. You can generate compatible SBOMs for your resources using the Amazon Inspector SBOM generator.
Request Syntax
POST /scan/sbom HTTP/1.1
Content-type: application/json
{
"outputFormat": "string
",
"sbom": JSON value
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- outputFormat
-
The output format for the vulnerability report.
Type: String
Valid Values:
CYCLONE_DX_1_5 | INSPECTOR
Required: No
- sbom
-
The JSON file for the SBOM you want to scan. The SBOM must be in CycloneDX 1.5 format.
Type: JSON value
Required: Yes
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"sbom": JSON value
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- sbom
-
The vulnerability report for the scanned SBOM.
Type: JSON value
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You do not have sufficient access to perform this action.
HTTP Status Code: 403
- InternalServerException
-
The request processing has failed because of an unknown error, exception or failure.
HTTP Status Code: 500
- ThrottlingException
-
The request was denied due to request throttling.
HTTP Status Code: 429
- ValidationException
-
The request has failed validation due to missing required fields or having invalid inputs.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: