CreateFilter
Creates a filter resource using specified filter criteria. When the filter action is set to SUPPRESS
this action creates a suppression rule.
Request Syntax
POST /filters/create HTTP/1.1
Content-type: application/json
{
"action": "string
",
"description": "string
",
"filterCriteria": {
"awsAccountId": [
{
"comparison": "string
",
"value": "string
"
}
],
"codeVulnerabilityDetectorName": [
{
"comparison": "string
",
"value": "string
"
}
],
"codeVulnerabilityDetectorTags": [
{
"comparison": "string
",
"value": "string
"
}
],
"codeVulnerabilityFilePath": [
{
"comparison": "string
",
"value": "string
"
}
],
"componentId": [
{
"comparison": "string
",
"value": "string
"
}
],
"componentType": [
{
"comparison": "string
",
"value": "string
"
}
],
"ec2InstanceImageId": [
{
"comparison": "string
",
"value": "string
"
}
],
"ec2InstanceSubnetId": [
{
"comparison": "string
",
"value": "string
"
}
],
"ec2InstanceVpcId": [
{
"comparison": "string
",
"value": "string
"
}
],
"ecrImageArchitecture": [
{
"comparison": "string
",
"value": "string
"
}
],
"ecrImageHash": [
{
"comparison": "string
",
"value": "string
"
}
],
"ecrImagePushedAt": [
{
"endInclusive": number
,
"startInclusive": number
}
],
"ecrImageRegistry": [
{
"comparison": "string
",
"value": "string
"
}
],
"ecrImageRepositoryName": [
{
"comparison": "string
",
"value": "string
"
}
],
"ecrImageTags": [
{
"comparison": "string
",
"value": "string
"
}
],
"epssScore": [
{
"lowerInclusive": number
,
"upperInclusive": number
}
],
"exploitAvailable": [
{
"comparison": "string
",
"value": "string
"
}
],
"findingArn": [
{
"comparison": "string
",
"value": "string
"
}
],
"findingStatus": [
{
"comparison": "string
",
"value": "string
"
}
],
"findingType": [
{
"comparison": "string
",
"value": "string
"
}
],
"firstObservedAt": [
{
"endInclusive": number
,
"startInclusive": number
}
],
"fixAvailable": [
{
"comparison": "string
",
"value": "string
"
}
],
"inspectorScore": [
{
"lowerInclusive": number
,
"upperInclusive": number
}
],
"lambdaFunctionExecutionRoleArn": [
{
"comparison": "string
",
"value": "string
"
}
],
"lambdaFunctionLastModifiedAt": [
{
"endInclusive": number
,
"startInclusive": number
}
],
"lambdaFunctionLayers": [
{
"comparison": "string
",
"value": "string
"
}
],
"lambdaFunctionName": [
{
"comparison": "string
",
"value": "string
"
}
],
"lambdaFunctionRuntime": [
{
"comparison": "string
",
"value": "string
"
}
],
"lastObservedAt": [
{
"endInclusive": number
,
"startInclusive": number
}
],
"networkProtocol": [
{
"comparison": "string
",
"value": "string
"
}
],
"portRange": [
{
"beginInclusive": number
,
"endInclusive": number
}
],
"relatedVulnerabilities": [
{
"comparison": "string
",
"value": "string
"
}
],
"resourceId": [
{
"comparison": "string
",
"value": "string
"
}
],
"resourceTags": [
{
"comparison": "string
",
"key": "string
",
"value": "string
"
}
],
"resourceType": [
{
"comparison": "string
",
"value": "string
"
}
],
"severity": [
{
"comparison": "string
",
"value": "string
"
}
],
"title": [
{
"comparison": "string
",
"value": "string
"
}
],
"updatedAt": [
{
"endInclusive": number
,
"startInclusive": number
}
],
"vendorSeverity": [
{
"comparison": "string
",
"value": "string
"
}
],
"vulnerabilityId": [
{
"comparison": "string
",
"value": "string
"
}
],
"vulnerabilitySource": [
{
"comparison": "string
",
"value": "string
"
}
],
"vulnerablePackages": [
{
"architecture": {
"comparison": "string
",
"value": "string
"
},
"epoch": {
"lowerInclusive": number
,
"upperInclusive": number
},
"name": {
"comparison": "string
",
"value": "string
"
},
"release": {
"comparison": "string
",
"value": "string
"
},
"sourceLambdaLayerArn": {
"comparison": "string
",
"value": "string
"
},
"sourceLayerHash": {
"comparison": "string
",
"value": "string
"
},
"version": {
"comparison": "string
",
"value": "string
"
}
}
]
},
"name": "string
",
"reason": "string
",
"tags": {
"string
" : "string
"
}
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- action
-
Defines the action that is to be applied to the findings that match the filter.
Type: String
Valid Values:
NONE | SUPPRESS
Required: Yes
- description
-
A description of the filter.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 512.
Required: No
- filterCriteria
-
Defines the criteria to be used in the filter for querying findings.
Type: FilterCriteria object
Required: Yes
- name
-
The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Required: Yes
- reason
-
The reason for creating the filter.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 512.
Required: No
-
A list of tags for the filter.
Type: String to string map
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"arn": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- arn
-
The Amazon Resource Number (ARN) of the successfully created filter.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You do not have sufficient access to perform this action.
HTTP Status Code: 403
- BadRequestException
-
One or more tags submitted as part of the request is not valid.
HTTP Status Code: 400
- InternalServerException
-
The request has failed due to an internal failure of the Amazon Inspector service.
HTTP Status Code: 500
- ServiceQuotaExceededException
-
You have exceeded your service quota. To perform the requested action, remove some of the relevant resources, or use Service Quotas to request a service quota increase.
HTTP Status Code: 402
- ThrottlingException
-
The limit on the number of requests per second was exceeded.
HTTP Status Code: 429
- ValidationException
-
The request has failed validation due to missing required fields or having invalid inputs.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: