CreateAuditSuppression - AWS IoT

CreateAuditSuppression

Creates a Device Defender audit suppression.

Requires permission to access the CreateAuditSuppression action.

Request Syntax

POST /audit/suppressions/create HTTP/1.1 Content-type: application/json { "checkName": "string", "clientRequestToken": "string", "description": "string", "expirationDate": number, "resourceIdentifier": { "account": "string", "caCertificateId": "string", "clientId": "string", "cognitoIdentityPoolId": "string", "deviceCertificateArn": "string", "deviceCertificateId": "string", "iamRoleArn": "string", "issuerCertificateIdentifier": { "issuerCertificateSerialNumber": "string", "issuerCertificateSubject": "string", "issuerId": "string" }, "policyVersionIdentifier": { "policyName": "string", "policyVersionId": "string" }, "roleAliasArn": "string" }, "suppressIndefinitely": boolean }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

checkName

An audit check name. Checks must be enabled for your account. (Use DescribeAccountAuditConfiguration to see the list of all checks, including those that are enabled or use UpdateAccountAuditConfiguration to select which checks are enabled.)

Type: String

Required: Yes

clientRequestToken

Each audit supression must have a unique client request token. If you try to create a new audit suppression with the same token as one that already exists, an exception occurs. If you omit this value, AWS SDKs will automatically generate a unique client request.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: ^[a-zA-Z0-9-_]+$

Required: Yes

description

The description of the audit suppression.

Type: String

Length Constraints: Maximum length of 1000.

Pattern: [\p{Graph}\x20]*

Required: No

expirationDate

The epoch timestamp in seconds at which this suppression expires.

Type: Timestamp

Required: No

resourceIdentifier

Information that identifies the noncompliant resource.

Type: ResourceIdentifier object

Required: Yes

suppressIndefinitely

Indicates whether a suppression should exist indefinitely or not.

Type: Boolean

Required: No

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

InternalFailureException

An unexpected error has occurred.

HTTP Status Code: 500

InvalidRequestException

The request is not valid.

HTTP Status Code: 400

LimitExceededException

A limit has been exceeded.

HTTP Status Code: 410

ResourceAlreadyExistsException

The resource already exists.

HTTP Status Code: 409

ThrottlingException

The rate exceeds the limit.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: