CreateFilter - Inspector
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

CreateFilter

Creates a filter resource using specified filter criteria. When the filter action is set to SUPPRESS this action creates a suppression rule.

Request Syntax

POST /filters/create HTTP/1.1 Content-type: application/json { "action": "string", "description": "string", "filterCriteria": { "awsAccountId": [ { "comparison": "string", "value": "string" } ], "codeVulnerabilityDetectorName": [ { "comparison": "string", "value": "string" } ], "codeVulnerabilityDetectorTags": [ { "comparison": "string", "value": "string" } ], "codeVulnerabilityFilePath": [ { "comparison": "string", "value": "string" } ], "componentId": [ { "comparison": "string", "value": "string" } ], "componentType": [ { "comparison": "string", "value": "string" } ], "ec2InstanceImageId": [ { "comparison": "string", "value": "string" } ], "ec2InstanceSubnetId": [ { "comparison": "string", "value": "string" } ], "ec2InstanceVpcId": [ { "comparison": "string", "value": "string" } ], "ecrImageArchitecture": [ { "comparison": "string", "value": "string" } ], "ecrImageHash": [ { "comparison": "string", "value": "string" } ], "ecrImagePushedAt": [ { "endInclusive": number, "startInclusive": number } ], "ecrImageRegistry": [ { "comparison": "string", "value": "string" } ], "ecrImageRepositoryName": [ { "comparison": "string", "value": "string" } ], "ecrImageTags": [ { "comparison": "string", "value": "string" } ], "epssScore": [ { "lowerInclusive": number, "upperInclusive": number } ], "exploitAvailable": [ { "comparison": "string", "value": "string" } ], "findingArn": [ { "comparison": "string", "value": "string" } ], "findingStatus": [ { "comparison": "string", "value": "string" } ], "findingType": [ { "comparison": "string", "value": "string" } ], "firstObservedAt": [ { "endInclusive": number, "startInclusive": number } ], "fixAvailable": [ { "comparison": "string", "value": "string" } ], "inspectorScore": [ { "lowerInclusive": number, "upperInclusive": number } ], "lambdaFunctionExecutionRoleArn": [ { "comparison": "string", "value": "string" } ], "lambdaFunctionLastModifiedAt": [ { "endInclusive": number, "startInclusive": number } ], "lambdaFunctionLayers": [ { "comparison": "string", "value": "string" } ], "lambdaFunctionName": [ { "comparison": "string", "value": "string" } ], "lambdaFunctionRuntime": [ { "comparison": "string", "value": "string" } ], "lastObservedAt": [ { "endInclusive": number, "startInclusive": number } ], "networkProtocol": [ { "comparison": "string", "value": "string" } ], "portRange": [ { "beginInclusive": number, "endInclusive": number } ], "relatedVulnerabilities": [ { "comparison": "string", "value": "string" } ], "resourceId": [ { "comparison": "string", "value": "string" } ], "resourceTags": [ { "comparison": "string", "key": "string", "value": "string" } ], "resourceType": [ { "comparison": "string", "value": "string" } ], "severity": [ { "comparison": "string", "value": "string" } ], "title": [ { "comparison": "string", "value": "string" } ], "updatedAt": [ { "endInclusive": number, "startInclusive": number } ], "vendorSeverity": [ { "comparison": "string", "value": "string" } ], "vulnerabilityId": [ { "comparison": "string", "value": "string" } ], "vulnerabilitySource": [ { "comparison": "string", "value": "string" } ], "vulnerablePackages": [ { "architecture": { "comparison": "string", "value": "string" }, "epoch": { "lowerInclusive": number, "upperInclusive": number }, "name": { "comparison": "string", "value": "string" }, "release": { "comparison": "string", "value": "string" }, "sourceLambdaLayerArn": { "comparison": "string", "value": "string" }, "sourceLayerHash": { "comparison": "string", "value": "string" }, "version": { "comparison": "string", "value": "string" } } ] }, "name": "string", "reason": "string", "tags": { "string" : "string" } }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

action

Defines the action that is to be applied to the findings that match the filter.

Type: String

Valid Values: NONE | SUPPRESS

Required: Yes

description

A description of the filter.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 512.

Required: No

filterCriteria

Defines the criteria to be used in the filter for querying findings.

Type: FilterCriteria object

Required: Yes

name

The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: Yes

reason

The reason for creating the filter.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 512.

Required: No

tags

A list of tags for the filter.

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Minimum length of 0. Maximum length of 256.

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "arn": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

arn

The Amazon Resource Number (ARN) of the successfully created filter.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

HTTP Status Code: 403

BadRequestException

One or more tags submitted as part of the request is not valid.

HTTP Status Code: 400

InternalServerException

The request has failed due to an internal failure of the Amazon Inspector service.

HTTP Status Code: 500

ServiceQuotaExceededException

You have exceeded your service quota. To perform the requested action, remove some of the relevant resources, or use Service Quotas to request a service quota increase.

HTTP Status Code: 402

ThrottlingException

The limit on the number of requests per second was exceeded.

HTTP Status Code: 429

ValidationException

The request has failed validation due to missing required fields or having invalid inputs.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: