String accountId
The ID of the Amazon Web Services account.
ResourceStatus resourceStatus
Details of the status of Amazon Inspector scans by resource type.
String status
The status of Amazon Inspector for the account.
String accountId
The Amazon Web Services account ID.
SeverityCounts severityCounts
The number of findings by severity.
String accountId
The Amazon Web Services account ID.
ResourceState resourceState
An object detailing which resources Amazon Inspector is enabled to scan for the account.
State state
An object detailing the status of Amazon Inspector for the account.
AccountAggregation accountAggregation
An object that contains details about an aggregation request based on Amazon Web Services account IDs.
AmiAggregation amiAggregation
An object that contains details about an aggregation request based on Amazon Machine Images (AMIs).
AwsEcrContainerAggregation awsEcrContainerAggregation
An object that contains details about an aggregation request based on Amazon ECR container images.
Ec2InstanceAggregation ec2InstanceAggregation
An object that contains details about an aggregation request based on Amazon EC2 instances.
FindingTypeAggregation findingTypeAggregation
An object that contains details about an aggregation request based on finding types.
ImageLayerAggregation imageLayerAggregation
An object that contains details about an aggregation request based on container image layers.
LambdaFunctionAggregation lambdaFunctionAggregation
Returns an object with findings aggregated by Amazon Web Services Lambda function.
LambdaLayerAggregation lambdaLayerAggregation
Returns an object with findings aggregated by Amazon Web Services Lambda layer.
PackageAggregation packageAggregation
An object that contains details about an aggregation request based on operating system package type.
RepositoryAggregation repositoryAggregation
An object that contains details about an aggregation request based on Amazon ECR repositories.
TitleAggregation titleAggregation
An object that contains details about an aggregation request based on finding title.
AccountAggregationResponse accountAggregation
An object that contains details about an aggregation response based on Amazon Web Services account IDs.
AmiAggregationResponse amiAggregation
An object that contains details about an aggregation response based on Amazon Machine Images (AMIs).
AwsEcrContainerAggregationResponse awsEcrContainerAggregation
An object that contains details about an aggregation response based on Amazon ECR container images.
Ec2InstanceAggregationResponse ec2InstanceAggregation
An object that contains details about an aggregation response based on Amazon EC2 instances.
FindingTypeAggregationResponse findingTypeAggregation
An object that contains details about an aggregation response based on finding types.
ImageLayerAggregationResponse imageLayerAggregation
An object that contains details about an aggregation response based on container image layers.
LambdaFunctionAggregationResponse lambdaFunctionAggregation
An aggregation of findings by Amazon Web Services Lambda function.
LambdaLayerAggregationResponse lambdaLayerAggregation
An aggregation of findings by Amazon Web Services Lambda layer.
PackageAggregationResponse packageAggregation
An object that contains details about an aggregation response based on operating system package type.
RepositoryAggregationResponse repositoryAggregation
An object that contains details about an aggregation response based on Amazon ECR repositories.
TitleAggregationResponse titleAggregation
An object that contains details about an aggregation response based on finding title.
String accountId
The Amazon Web Services account ID for the AMI.
Long affectedInstances
The IDs of Amazon EC2 instances using this AMI.
String ami
The ID of the AMI that findings were aggregated for.
SeverityCounts severityCounts
An object that contains the count of matched findings per severity.
String accountId
The Amazon Web Services account ID of the member account to be associated.
String accountId
The Amazon Web Services account ID of the successfully associated member account.
Date firstSeen
The date and time this vulnerability was first observed.
Date lastSeen
The date and time this vulnerability was last observed.
List<E> targets
The commercial sectors this vulnerability targets.
List<E> ttps
The MITRE ATT&CK tactics, techniques, and procedures (TTPs) associated with vulnerability.
Boolean ec2
Represents whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
Boolean ecr
Represents whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
Boolean lambda
Represents whether Amazon Web Services Lambda standard scans are automatically enabled for new members of your Amazon Inspector organization.
Boolean lambdaCode
Represents whether Lambda code scans are automatically enabled for new members of your Amazon Inspector organization.
</p>
String iamInstanceProfileArn
The IAM instance profile ARN of the Amazon EC2 instance.
String imageId
The image ID of the Amazon EC2 instance.
List<E> ipV4Addresses
The IPv4 addresses of the Amazon EC2 instance.
List<E> ipV6Addresses
The IPv6 addresses of the Amazon EC2 instance.
String keyName
The name of the key pair used to launch the Amazon EC2 instance.
Date launchedAt
The date and time the Amazon EC2 instance was launched at.
String platform
The platform of the Amazon EC2 instance.
String subnetId
The subnet ID of the Amazon EC2 instance.
String type
The type of the Amazon EC2 instance.
String vpcId
The VPC ID of the Amazon EC2 instance.
List<E> architectures
The architecture of the containers.
List<E> imageShas
The image SHA values.
List<E> imageTags
The image tags.
List<E> repositories
The container repositories.
List<E> resourceIds
The container resource IDs.
String sortBy
The value to sort by.
String sortOrder
The sort order (ascending or descending).
String accountId
The Amazon Web Services account ID of the account that owns the container.
String architecture
The architecture of the container.
String imageSha
The SHA value of the container image.
List<E> imageTags
The container image stags.
String repository
The container repository.
String resourceId
The resource ID of the container.
SeverityCounts severityCounts
The number of finding by severity.
String architecture
The architecture of the Amazon ECR container image.
String author
The image author of the Amazon ECR container image.
String imageHash
The image hash of the Amazon ECR container image.
List<E> imageTags
The image tags attached to the Amazon ECR container image.
String platform
The platform of the Amazon ECR container image.
Date pushedAt
The date and time the Amazon ECR container image was pushed.
String registry
The registry for the Amazon ECR container image.
String repositoryName
The name of the repository the Amazon ECR container image resides in.
List<E> architectures
The instruction set architecture that the Amazon Web Services Lambda function supports. Architecture is a string
array with one of the valid values. The default architecture value is x86_64.
String codeSha256
The SHA256 hash of the Amazon Web Services Lambda function's deployment package.
String executionRoleArn
The Amazon Web Services Lambda function's execution role.
String functionName
The name of the Amazon Web Services Lambda function.
Date lastModifiedAt
The date and time that a user last updated the configuration, in ISO 8601 format
List<E> layers
The Amazon Web Services Lambda function's layers. A Lambda function can have up to five layers.
String packageType
The type of deployment package. Set to Image for container image and set Zip for .zip
file archive.
String runtime
The runtime environment for the Amazon Web Services Lambda function.
String version
The version of the Amazon Web Services Lambda function.
LambdaVpcConfig vpcConfig
The Amazon Web Services Lambda function's networking configuration.
List<E> accountIds
An array of objects that provide details on the activation status of Amazon Inspector deep inspection for each of the requested accounts.
</p>
List<E> failedAccountIds
An array of objects that provide details on any accounts that failed to activate Amazon Inspector deep inspection and why.
</p>
List<E> accountIds
An array of objects that provide details for each of the accounts that Amazon Inspector deep inspection status was successfully changed for.
List<E> failedAccountIds
An array of objects that provide details for each of the accounts that Amazon Inspector deep inspection status could not be successfully changed for.
String reportId
The ID of the report to be canceled.
String reportId
The ID of the canceled report.
String reportId
The report ID of the SBOM export to cancel.
String reportId
The report ID of the canceled SBOM export.
String accountId
The account ID for the CIS check.
String checkDescription
The description for the CIS check.
String checkId
The check ID for the CIS check.
String level
The CIS check level.
String platform
The CIS check platform.
String scanArn
The scan ARN for the CIS check scan ARN.
StatusCounts statusCounts
The CIS check status counts.
String title
The CIS check title.
Integer failedChecks
The CIS scan's failed checks.
String scanArn
The CIS scan's ARN.
String scanConfigurationArn
The CIS scan's configuration ARN.
Date scanDate
The CIS scan's date.
String scanName
The the name of the scan configuration that's associated with this scan.
String scheduledBy
The account or organization that schedules the CIS scan.
String securityLevel
The security level for the CIS scan. Security level refers to the Benchmark levels that CIS assigns to a profile.
String status
The CIS scan's status.
CisTargets targets
The CIS scan's targets.
Integer totalChecks
The CIS scan's total checks.
String ownerId
The CIS scan configuration's owner ID.
String scanConfigurationArn
The CIS scan configuration's scan configuration ARN.
String scanName
The name of the CIS scan configuration.
Schedule schedule
The CIS scan configuration's schedule.
String securityLevel
The CIS scan configuration's security level.
Map<K,V> tags
The CIS scan configuration's tags.
CisTargets targets
The CIS scan configuration's targets.
String accountId
The CIS scan result details' account ID.
String checkDescription
The account ID that's associated with the CIS scan result details.
String checkId
The CIS scan result details' check ID.
String findingArn
The CIS scan result details' finding ARN.
String level
The CIS scan result details' level.
String platform
The CIS scan result details' platform.
String remediation
The CIS scan result details' remediation.
String scanArn
The CIS scan result details' scan ARN.
String status
The CIS scan result details' status.
String statusReason
The CIS scan result details' status reason.
String targetResourceId
The CIS scan result details' target resource ID.
String title
The CIS scan result details' title.
List<E> checkIdFilters
The criteria's check ID filters.
List<E> findingArnFilters
The criteria's finding ARN filters.
List<E> findingStatusFilters
The criteria's finding status filters.
List<E> securityLevelFilters
The criteria's security level filters. . Security level refers to the Benchmark levels that CIS assigns to a profile.
List<E> titleFilters
The criteria's title filters.
List<E> accountIdFilters
The criteria's account ID filters.
List<E> checkIdFilters
The criteria's check ID filters.
List<E> failedResourcesFilters
The criteria's failed resources filters.
List<E> platformFilters
The criteria's platform filters.
List<E> securityLevelFilters
The criteria's security level filters.
List<E> titleFilters
The criteria's title filters.
List<E> accountIdFilters
The criteria's account ID filters.
List<E> checkIdFilters
The criteria's check ID filters.
List<E> failedChecksFilters
The criteria's failed checks filters.
List<E> platformFilters
The criteria's platform filters.
List<E> statusFilters
The criteria's status filter.
List<E> targetResourceIdFilters
The criteria's target resource ID filters.
List<E> targetResourceTagFilters
The criteria's target resource tag filters.
List<E> targetStatusFilters
The criteria's target status filters.
List<E> targetStatusReasonFilters
The criteria's target status reason filters.
ByteBuffer cisRuleDetails
The CIS rule details for the CIS session message.
String ruleId
The rule ID for the CIS session message.
String status
The status of the CIS session message.
String accountId
The account ID for the CIS target resource.
String platform
The platform for the CIS target resource.
String scanArn
The scan ARN for the CIS target resource.
StatusCounts statusCounts
The target resource status counts.
String targetResourceId
The ID of the target resource.
Map<K,V> targetResourceTags
The tag for the target resource.
String targetStatus
The status of the target resource.
String targetStatusReason
The reason for the target resource.
Integer endLine
The line number of the last line of code that a vulnerability was found in.
String fileName
The name of the file the code vulnerability was found in.
String filePath
The file path to the code that a vulnerability was found in.
Integer startLine
The line number of the first line of code that a vulnerability was found in.
String errorCode
The error code for the error that prevented a code snippet from being retrieved.
String errorMessage
The error message received when Amazon Inspector failed to retrieve a code snippet.
String findingArn
The ARN of the finding that a code snippet couldn't be retrieved for.
List<E> codeSnippet
Contains information on the retrieved code snippet.
Integer endLine
The line number of the last line of a code snippet.
String findingArn
The ARN of a finding that the code snippet is associated with.
Integer startLine
The line number of the first line of a code snippet.
List<E> suggestedFixes
Details of a suggested code fix.
List<E> cwes
The Common Weakness Enumeration (CWE) item associated with the detected vulnerability.
String detectorId
The ID for the Amazon CodeGuru detector associated with the finding. For more information on detectors see Amazon CodeGuru Detector Library.
String detectorName
The name of the detector used to identify the code vulnerability. For more information on detectors see CodeGuru Detector Library.
List<E> detectorTags
The detector tag associated with the vulnerability. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.
CodeFilePath filePath
Contains information on where the code vulnerability is located in your code.
List<E> referenceUrls
A URL containing supporting documentation about the code vulnerability detected.
String ruleId
The identifier for a rule that was used to detect the code vulnerability.
String sourceLambdaLayerArn
The Amazon Resource Name (ARN) of the Lambda layer that the code vulnerability was detected in.
List<E> accountId
An array of Amazon Web Services account IDs to return coverage statistics for.
List<E> ec2InstanceTags
The Amazon EC2 instance tags to filter on.
List<E> ecrImageTags
The Amazon ECR image tags to filter on.
List<E> ecrRepositoryName
The Amazon ECR repository name to filter on.
List<E> imagePulledAt
The date an image was last pulled at.
List<E> lambdaFunctionName
Returns coverage statistics for Amazon Web Services Lambda functions filtered by function names.
List<E> lambdaFunctionRuntime
Returns coverage statistics for Amazon Web Services Lambda functions filtered by runtime.
List<E> lambdaFunctionTags
Returns coverage statistics for Amazon Web Services Lambda functions filtered by tag.
List<E> lastScannedAt
Filters Amazon Web Services resources based on whether Amazon Inspector has checked them for vulnerabilities within the specified time range.
List<E> resourceId
An array of Amazon Web Services resource IDs to return coverage statistics for.
List<E> resourceType
An array of Amazon Web Services resource types to return coverage statistics for. The values can be
AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION, AWS_ECR_CONTAINER_IMAGE,
AWS_ECR_REPOSITORY or AWS_ACCOUNT.
List<E> scanMode
The filter to search for Amazon EC2 instance coverage by scan mode. Valid values are
EC2_SSM_AGENT_BASED and EC2_HYBRID.
List<E> scanStatusCode
The scan status code to filter on. Valid values are: ValidationException,
InternalServerException, ResourceNotFoundException, BadRequestException,
and ThrottlingException.
List<E> scanStatusReason
The scan status reason to filter on.
List<E> scanType
An array of Amazon Inspector scan types to return coverage statistics for.
String accountId
The Amazon Web Services account ID of the covered resource.
Date lastScannedAt
The date and time the resource was last checked for vulnerabilities.
String resourceId
The ID of the covered resource.
ResourceScanMetadata resourceMetadata
An object that contains details about the metadata.
String resourceType
The type of the covered resource.
String scanMode
The scan method that is applied to the instance.
ScanStatus scanStatus
The status of the scan covering the resource.
String scanType
The Amazon Inspector scan type covering the resource.
String scanName
The scan name for the CIS scan configuration.
Schedule schedule
The schedule for the CIS scan configuration.
String securityLevel
The security level for the CIS scan configuration. Security level refers to the Benchmark levels that CIS assigns to a profile.
Map<K,V> tags
The tags for the CIS scan configuration.
CreateCisTargets targets
The targets for the CIS scan configuration.
String scanConfigurationArn
The scan configuration ARN for the CIS scan configuration.
String action
Defines the action that is to be applied to the findings that match the filter.
String description
A description of the filter.
FilterCriteria filterCriteria
Defines the criteria to be used in the filter for querying findings.
String name
The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.
String reason
The reason for creating the filter.
Map<K,V> tags
A list of tags for the filter.
String arn
The Amazon Resource Number (ARN) of the successfully created filter.
FilterCriteria filterCriteria
The filter criteria to apply to the results of the finding report.
String reportFormat
The format to generate the report in.
Destination s3Destination
The Amazon S3 export destination for the report.
String reportId
The ID of the report.
String reportFormat
The output format for the software bill of materials (SBOM) report.
ResourceFilterCriteria resourceFilterCriteria
The resource filter criteria for the software bill of materials (SBOM) report.
Destination s3Destination
String reportId
The report ID for the software bill of materials (SBOM) report.
List<E> adjustments
An object that contains details about adjustment Amazon Inspector made to the CVSS score.
String cvssSource
The source of the CVSS data.
Double score
The CVSS score.
String scoreSource
The source for the CVSS score.
String scoringVector
The vector for the CVSS score.
String version
The CVSS version used in scoring.
Time startTime
The schedule start time.
String scanConfigurationArn
The ARN of the CIS scan configuration.
String scanConfigurationArn
The ARN of the CIS scan configuration.
String arn
The Amazon Resource Number (ARN) of the filter to be deleted.
String arn
The Amazon Resource Number (ARN) of the filter that has been deleted.
AutoEnable autoEnable
The scan types are automatically enabled for new members of your organization.
Boolean maxAccountLimitReached
Represents whether your organization has reached the maximum Amazon Web Services account limit for Amazon Inspector.
String delegatedAdminAccountId
The Amazon Web Services account ID of the current Amazon Inspector delegated administrator.
String delegatedAdminAccountId
The Amazon Web Services account ID of the successfully disabled delegated administrator.
List<E> accounts
Information on the accounts that have had Amazon Inspector scans successfully disabled. Details are provided for each account.
List<E> failedAccounts
Information on any accounts for which Amazon Inspector scans could not be disabled. Details are provided for each account.
String accountId
The Amazon Web Services account ID of the member account to disassociate.
String accountId
The Amazon Web Services account ID of the successfully disassociated member.
String scanMode
The scan method that is applied to the instance.
Ec2ScanModeState scanModeState
An object that contains details about the state of the Amazon EC2 scan mode.
List<E> amis
The AMI IDs associated with the Amazon EC2 instances to aggregate findings for.
List<E> instanceIds
The Amazon EC2 instance IDs to aggregate findings for.
List<E> instanceTags
The Amazon EC2 instance tags to aggregate findings for.
List<E> operatingSystems
The operating system types to aggregate findings for. Valid values must be uppercase and underscore separated,
examples are ORACLE_LINUX_7 and ALPINE_LINUX_3_8.
String sortBy
The value to sort results by.
String sortOrder
The order to sort results by.
String accountId
The Amazon Web Services account for the Amazon EC2 instance.
String ami
The Amazon Machine Image (AMI) of the Amazon EC2 instance.
String instanceId
The Amazon EC2 instance ID.
Map<K,V> instanceTags
The tags attached to the instance.
Long networkFindings
The number of network findings for the Amazon EC2 instance.
String operatingSystem
The operating system of the Amazon EC2 instance.
SeverityCounts severityCounts
An object that contains the count of matched findings per severity.
EcrRescanDurationState rescanDurationState
An object that contains details about the state of the ECR re-scan settings.
String pullDateRescanDuration
The rescan duration configured for image pull date.
String rescanDuration
The rescan duration configured for image push date.
</p>
String status
The status of changes to the ECR automated re-scan duration.
Date updatedAt
A timestamp representing when the last time the ECR scan duration setting was changed.
String delegatedAdminAccountId
The Amazon Web Services account ID of the successfully Amazon Inspector delegated administrator.
List<E> accounts
Information on the accounts that have had Amazon Inspector scans successfully enabled. Details are provided for each account.
List<E> failedAccounts
Information on any accounts for which Amazon Inspector scans could not be enabled. Details are provided for each account.
Double score
The Exploit Prediction Scoring System (EPSS) score.
Double score
The EPSS score.
Date lastKnownExploitAt
The date and time of the last exploit associated with a finding discovered in your environment.
String accountId
The Amazon Web Services account ID.
String errorCode
The error code explaining why the account failed to enable Amazon Inspector.
String errorMessage
The error message received when the account failed to enable Amazon Inspector.
ResourceStatus resourceStatus
An object detailing which resources Amazon Inspector is enabled to scan for the account.
String status
The status of Amazon Inspector for the account.
String accountId
The unique identifier for the Amazon Web Services account of the organization member that failed to activate Amazon Inspector deep inspection.
String ec2ScanStatus
The status of EC2 scanning in the account that failed to activate Amazon Inspector deep inspection.
String errorMessage
The error message explaining why the account failed to activate Amazon Inspector deep inspection.
String action
The action that is to be applied to the findings that match the filter.
String arn
The Amazon Resource Number (ARN) associated with this filter.
Date createdAt
The date and time this filter was created at.
FilterCriteria criteria
Details on the filter criteria associated with this filter.
String description
A description of the filter.
String name
The name of the filter.
String ownerId
The Amazon Web Services account ID of the account that created the filter.
String reason
The reason for the filter.
Map<K,V> tags
The tags attached to the filter.
Date updatedAt
The date and time the filter was last updated at.
List<E> awsAccountId
Details of the Amazon Web Services account IDs used to filter findings.
List<E> codeVulnerabilityDetectorName
The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings.
List<E> codeVulnerabilityDetectorTags
The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see Java tags, or Python tags.
List<E> codeVulnerabilityFilePath
The file path to the file in a Lambda function that contains a code vulnerability used to filter findings.
List<E> componentId
Details of the component IDs used to filter findings.
List<E> componentType
Details of the component types used to filter findings.
List<E> ec2InstanceImageId
Details of the Amazon EC2 instance image IDs used to filter findings.
List<E> ec2InstanceSubnetId
Details of the Amazon EC2 instance subnet IDs used to filter findings.
List<E> ec2InstanceVpcId
Details of the Amazon EC2 instance VPC IDs used to filter findings.
List<E> ecrImageArchitecture
Details of the Amazon ECR image architecture types used to filter findings.
List<E> ecrImageHash
Details of the Amazon ECR image hashes used to filter findings.
List<E> ecrImagePushedAt
Details on the Amazon ECR image push date and time used to filter findings.
List<E> ecrImageRegistry
Details on the Amazon ECR registry used to filter findings.
List<E> ecrImageRepositoryName
Details on the name of the Amazon ECR repository used to filter findings.
List<E> ecrImageTags
The tags attached to the Amazon ECR container image.
List<E> epssScore
The EPSS score used to filter findings.
List<E> exploitAvailable
Filters the list of Amazon Web Services Lambda findings by the availability of exploits.
List<E> findingArn
Details on the finding ARNs used to filter findings.
List<E> findingStatus
Details on the finding status types used to filter findings.
List<E> findingType
Details on the finding types used to filter findings.
List<E> firstObservedAt
Details on the date and time a finding was first seen used to filter findings.
List<E> fixAvailable
Details on whether a fix is available through a version update. This value can be YES,
NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the
packages identified in the finding have fixes available through updated versions.
List<E> inspectorScore
The Amazon Inspector score to filter on.
List<E> lambdaFunctionExecutionRoleArn
Filters the list of Amazon Web Services Lambda functions by execution role.
List<E> lambdaFunctionLastModifiedAt
Filters the list of Amazon Web Services Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format
List<E> lambdaFunctionLayers
Filters the list of Amazon Web Services Lambda functions by the function's layers. A Lambda function can have up to five layers.
List<E> lambdaFunctionName
Filters the list of Amazon Web Services Lambda functions by the name of the function.
List<E> lambdaFunctionRuntime
Filters the list of Amazon Web Services Lambda functions by the runtime environment for the Lambda function.
List<E> lastObservedAt
Details on the date and time a finding was last seen used to filter findings.
List<E> networkProtocol
Details on network protocol used to filter findings.
List<E> portRange
Details on the port ranges used to filter findings.
List<E> relatedVulnerabilities
Details on the related vulnerabilities used to filter findings.
List<E> resourceId
Details on the resource IDs used to filter findings.
List<E> resourceTags
Details on the resource tags used to filter findings.
List<E> resourceType
Details on the resource types used to filter findings.
List<E> severity
Details on the severity used to filter findings.
List<E> title
Details on the finding title used to filter findings.
List<E> updatedAt
Details on the date and time a finding was last updated at used to filter findings.
List<E> vendorSeverity
Details on the vendor severity used to filter findings.
List<E> vulnerabilityId
Details on the vulnerability ID used to filter findings.
List<E> vulnerabilitySource
Details on the vulnerability type used to filter findings.
List<E> vulnerablePackages
Details on the vulnerable packages used to filter findings.
String awsAccountId
The Amazon Web Services account ID associated with the finding.
CodeVulnerabilityDetails codeVulnerabilityDetails
Details about the code vulnerability identified in a Lambda function used to filter findings.
String description
The description of the finding.
EpssDetails epss
The finding's EPSS score.
String exploitAvailable
If a finding discovered in your environment has an exploit available.
ExploitabilityDetails exploitabilityDetails
The details of an exploit available for a finding discovered in your environment.
String findingArn
The Amazon Resource Number (ARN) of the finding.
Date firstObservedAt
The date and time that the finding was first observed.
String fixAvailable
Details on whether a fix is available through a version update. This value can be YES,
NO, or PARTIAL. A PARTIAL fix means that some, but not all, of the
packages identified in the finding have fixes available through updated versions.
Double inspectorScore
The Amazon Inspector score given to the finding.
InspectorScoreDetails inspectorScoreDetails
An object that contains details of the Amazon Inspector score.
Date lastObservedAt
The date and time the finding was last observed. This timestamp for this field remains unchanged until a finding is updated.
NetworkReachabilityDetails networkReachabilityDetails
An object that contains the details of a network reachability finding.
PackageVulnerabilityDetails packageVulnerabilityDetails
An object that contains the details of a package vulnerability finding.
Remediation remediation
An object that contains the details about how to remediate a finding.
List<E> resources
Contains information on the resources involved in a finding. The resource value determines the valid
values for type in your request. For more information, see Finding types in the Amazon
Inspector user guide.
String severity
The severity of the finding. UNTRIAGED applies to PACKAGE_VULNERABILITY type findings
that the vendor has not assigned a severity yet. For more information, see Severity levels for
findings in the Amazon Inspector user guide.
String status
The status of the finding.
String title
The title of the finding.
String type
The type of the finding. The type value determines the valid values for resource in
your request. For more information, see Finding types in the Amazon
Inspector user guide.
Date updatedAt
The date and time the finding was last updated at.
CisaData cisaData
List<E> cwes
The Common Weakness Enumerations (CWEs) associated with the vulnerability.
Double epssScore
The Exploit Prediction Scoring System (EPSS) score of the vulnerability.
List<E> evidences
Information on the evidence of the vulnerability.
ExploitObserved exploitObserved
String findingArn
The finding ARN that the vulnerability details are associated with.
List<E> referenceUrls
The reference URLs for the vulnerability data.
Integer riskScore
The risk score of the vulnerability.
List<E> tools
The known malware tools or kits that can exploit the vulnerability.
List<E> ttps
The MITRE adversary tactics, techniques, or procedures (TTPs) associated with the vulnerability.
String accountId
The ID of the Amazon Web Services account associated with the findings.
SeverityCounts severityCounts
The value to sort results by.
Date end
The date and time that the Amazon Inspector free trail ends for a given account.
Date start
The date and time that the Amazon Inspector free trail started for a given account.
String status
The order to sort results by.
String type
The type of scan covered by the Amazon Inspector free trail.
String accountId
The account ID.
CisScanResultDetailsFilterCriteria filterCriteria
The filter criteria.
Integer maxResults
The maximum number of CIS scan result details to be returned in a single page of results.
String nextToken
The pagination token from a previous request that's used to retrieve the next page of results.
String scanArn
The scan ARN.
String sortBy
The sort by order.
String sortOrder
The sort order.
String targetResourceId
The target resource ID.
Ec2ConfigurationState ec2Configuration
Specifies how the Amazon EC2 automated scan mode is currently configured for your environment.
EcrConfigurationState ecrConfiguration
Specifies how the ECR automated re-scan duration is currently configured for your environment.
DelegatedAdmin delegatedAdmin
The Amazon Web Services account ID of the Amazon Inspector delegated administrator.
String errorMessage
An error message explaining why Amazon Inspector deep inspection configurations could not be retrieved for your account.
List<E> orgPackagePaths
The Amazon Inspector deep inspection custom paths for your organization.
List<E> packagePaths
The Amazon Inspector deep inspection custom paths for your account.
String status
The activation status of Amazon Inspector deep inspection in your account.
String kmsKeyId
A kms key ID.
String reportId
The ID of the report to retrieve the status of.
Destination destination
The destination of the report.
String errorCode
The error code of the report.
String errorMessage
The error message of the report.
FilterCriteria filterCriteria
The filter criteria associated with the report.
String reportId
The ID of the report.
String status
The status of the report.
String accountId
The Amazon Web Services account ID of the member account to retrieve information on.
Member member
Details of the retrieved member account.
String reportId
The report ID of the SBOM export to get details for.
String errorCode
An error code.
String errorMessage
An error message.
ResourceFilterCriteria filterCriteria
Contains details about the resource filter criteria used for the software bill of materials (SBOM) report.
String format
The format of the software bill of materials (SBOM) report.
String reportId
The report ID of the software bill of materials (SBOM) report.
Destination s3Destination
String status
The status of the software bill of materials (SBOM) report.
List<E> layerHashes
The hashes associated with the layers.
List<E> repositories
The repository associated with the container image hosting the layers.
List<E> resourceIds
The ID of the container image layer.
String sortBy
The value to sort results by.
String sortOrder
The order to sort results by.
String accountId
The ID of the Amazon Web Services account that owns the container image hosting the layer image.
String layerHash
The layer hash.
String repository
The repository the layer resides in.
String resourceId
The resource ID of the container image layer.
SeverityCounts severityCounts
An object that represents the count of matched findings per severity.
CvssScoreDetails adjustedCvss
An object that contains details about the CVSS score given to a finding.
Integer retryAfterSeconds
The number of seconds to wait before retrying the request.
List<E> functionNames
The Amazon Web Services Lambda function names to include in the aggregation results.
List<E> functionTags
The tags to include in the aggregation results.
List<E> resourceIds
The resource IDs to include in the aggregation results.
List<E> runtimes
Returns findings aggregated by Amazon Web Services Lambda function runtime environments.
String sortBy
The finding severity to use for sorting the results.
String sortOrder
The order to use for sorting the results.
String accountId
The ID of the Amazon Web Services account that owns the Amazon Web Services Lambda function.
String functionName
The Amazon Web Services Lambda function names included in the aggregation results.
Map<K,V> lambdaTags
The tags included in the aggregation results.
Date lastModifiedAt
The date that the Amazon Web Services Lambda function included in the aggregation results was last changed.
String resourceId
The resource IDs included in the aggregation results.
String runtime
The runtimes included in the aggregation results.
SeverityCounts severityCounts
String functionName
The name of a function.
Map<K,V> functionTags
The resource tags on an Amazon Web Services Lambda function.
List<E> layers
The layers for an Amazon Web Services Lambda function. A Lambda function can have up to five layers.
String runtime
An Amazon Web Services Lambda function's runtime.
List<E> functionNames
The names of the Amazon Web Services Lambda functions associated with the layers.
List<E> layerArns
The Amazon Resource Name (ARN) of the Amazon Web Services Lambda function layer.
List<E> resourceIds
The resource IDs for the Amazon Web Services Lambda function layers.
String sortBy
The finding severity to use for sorting the results.
String sortOrder
The order to use for sorting the results.
String accountId
The account ID of the Amazon Web Services Lambda function layer.
String functionName
The names of the Amazon Web Services Lambda functions associated with the layers.
String layerArn
The Amazon Resource Name (ARN) of the Amazon Web Services Lambda function layer.
String resourceId
The Resource ID of the Amazon Web Services Lambda function layer.
SeverityCounts severityCounts
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the NextToken value returned
from the previous request to continue listing results after the first page.
String service
The service scan type to check permissions for.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
List<E> permissions
Contains details on the permissions an account has to configure Amazon Inspector.
ListCisScanConfigurationsFilterCriteria filterCriteria
The CIS scan configuration filter criteria.
Integer maxResults
The maximum number of CIS scan configurations to be returned in a single page of results.
String nextToken
The pagination token from a previous request that's used to retrieve the next page of results.
String sortBy
The CIS scan configuration sort by order.
String sortOrder
The CIS scan configuration sort order order.
CisScanResultsAggregatedByChecksFilterCriteria filterCriteria
The filter criteria.
Integer maxResults
The maximum number of scan results aggregated by checks to be returned in a single page of results.
String nextToken
The pagination token from a previous request that's used to retrieve the next page of results.
String scanArn
The scan ARN.
String sortBy
The sort by order.
String sortOrder
The sort order.
CisScanResultsAggregatedByTargetResourceFilterCriteria filterCriteria
The filter criteria.
Integer maxResults
The maximum number of scan results aggregated by a target resource to be returned in a single page of results.
String nextToken
The pagination token from a previous request that's used to retrieve the next page of results.
String scanArn
The scan ARN.
String sortBy
The sort by order.
String sortOrder
The sort order.
List<E> failedChecksFilters
The list of failed checks filters.
List<E> scanArnFilters
The list of scan ARN filters.
List<E> scanAtFilters
The list of scan at filters.
List<E> scanConfigurationArnFilters
The list of scan configuration ARN filters.
List<E> scanNameFilters
The list of scan name filters.
List<E> scanStatusFilters
The list of scan status filters.
List<E> scheduledByFilters
The list of scheduled by filters.
List<E> targetAccountIdFilters
The list of target account ID filters.
List<E> targetResourceIdFilters
The list of target resource ID filters.
List<E> targetResourceTagFilters
The list of target resource tag filters.
String detailLevel
The detail applied to the CIS scan.
ListCisScansFilterCriteria filterCriteria
The CIS scan filter criteria.
Integer maxResults
The maximum number of results to be returned.
String nextToken
The pagination token from a previous request that's used to retrieve the next page of results.
String sortBy
The CIS scans sort by order.
String sortOrder
The CIS scans sort order.
CoverageFilterCriteria filterCriteria
An object that contains details on the filters to apply to the coverage data for your environment.
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the nextToken
value returned from the previous request to continue listing results after the first page.
List<E> coveredResources
An object that contains details on the covered resources in your environment.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
CoverageFilterCriteria filterCriteria
An object that contains details on the filters to apply to the coverage data for your environment.
String groupBy
The value to group the results by.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
List<E> countsByGroup
An array with the number for each group.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
Long totalCounts
The total number for all groups.
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the nextToken
value returned from the previous request to continue listing results after the first page.
List<E> delegatedAdminAccounts
Details of the Amazon Inspector delegated administrator of your organization.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
String action
The action the filter applies to matched findings.
List<E> arns
The Amazon resource number (ARN) of the filter.
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the nextToken
value returned from the previous request to continue listing results after the first page.
List<E> filters
Contains details on the filters associated with your account.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
List<E> accountIds
The Amazon Web Services account IDs to retrieve finding aggregation data for.
AggregationRequest aggregationRequest
Details of the aggregation request that is used to filter your aggregation results.
String aggregationType
The type of the aggregation request.
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the nextToken
value returned from the previous request to continue listing results after the first page.
String aggregationType
The type of aggregation to perform.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
List<E> responses
Objects that contain the results of an aggregation operation.
FilterCriteria filterCriteria
Details on the filters to apply to your finding results.
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the nextToken
value returned from the previous request to continue listing results after the first page.
SortCriteria sortCriteria
Details on the sort criteria to apply to your finding results.
List<E> findings
Contains details on the findings in your environment.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the nextToken
value returned from the previous request to continue listing results after the first page.
Boolean onlyAssociated
Specifies whether to list only currently associated members if True or to list all members within
the organization if False.
String resourceArn
The Amazon resource number (ARN) of the resource to list tags of.
List<E> accountIds
The Amazon Web Services account IDs to retrieve usage totals for.
Integer maxResults
The maximum number of results the response can return. If your request would return more than the maximum the
response will return a nextToken value, use this value when you call the action again to get the
remaining results.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. If your response returns more than the maxResults maximum
value it will also return a nextToken value. For subsequent calls, use the nextToken
value returned from the previous request to continue listing results after the first page.
String accountId
The Amazon Web Services account ID of the member account.
String delegatedAdminAccountId
The Amazon Web Services account ID of the Amazon Inspector delegated administrator for this member account.
String relationshipStatus
The status of the member account.
Date updatedAt
A timestamp showing when the status of this member was last updated.
String accountId
The unique identifier for the Amazon Web Services account of the organization member.
Boolean activateDeepInspection
Whether Amazon Inspector deep inspection is active in the account. If TRUE Amazon Inspector deep
inspection is active, if FALSE it is not active.
String accountId
The unique identifier for the Amazon Web Services account of the organization member
String errorMessage
The error message explaining why the account failed to activate Amazon Inspector deep inspection.
String status
The state of Amazon Inspector deep inspection in the member account.
NetworkPath networkPath
An object that contains details about a network path associated with a finding.
PortRange openPortRange
An object that contains details about the open port range associated with a finding.
String protocol
The protocol associated with a finding.
String accountId
The ID of the Amazon Web Services account associated with the findings.
String packageName
The name of the operating system package.
SeverityCounts severityCounts
An object that contains the count of matched findings per severity.
StringFilter architecture
An object that contains details on the package architecture type to filter on.
NumberFilter epoch
An object that contains details on the package epoch to filter on.
StringFilter name
An object that contains details on the name of the package to filter on.
StringFilter release
An object that contains details on the package release to filter on.
StringFilter sourceLambdaLayerArn
StringFilter sourceLayerHash
An object that contains details on the source layer hash to filter on.
StringFilter version
The package version to filter on.
List<E> cvss
An object that contains details about the CVSS score of a finding.
List<E> referenceUrls
One or more URLs that contain details about this vulnerability type.
List<E> relatedVulnerabilities
One or more vulnerabilities related to the one identified in this finding.
String source
The source of the vulnerability information.
String sourceUrl
A URL to the source of the vulnerability information.
Date vendorCreatedAt
The date and time that this vulnerability was first added to the vendor's database.
String vendorSeverity
The severity the vendor has given to this vulnerability type.
Date vendorUpdatedAt
The date and time the vendor last updated this vulnerability in their database.
String vulnerabilityId
The ID given to this vulnerability.
List<E> vulnerablePackages
The packages impacted by this vulnerability.
Recommendation recommendation
An object that contains information about the recommended course of action to remediate the finding.
String accountId
The ID of the Amazon Web Services account associated with the findings.
Long affectedImages
The number of container images impacted by the findings.
String repository
The name of the repository associated with the findings.
SeverityCounts severityCounts
An object that represent the count of matched findings per severity.
ResourceDetails details
An object that contains details about the resource involved in a finding.
String id
The ID of the resource.
String partition
The partition of the resource.
String region
The Amazon Web Services Region the impacted resource is located in.
Map<K,V> tags
The tags attached to the resource.
String type
The type of resource.
AwsEc2InstanceDetails awsEc2Instance
An object that contains details about the Amazon EC2 instance involved in the finding.
AwsEcrContainerImageDetails awsEcrContainerImage
An object that contains details about the Amazon ECR container image involved in the finding.
AwsLambdaFunctionDetails awsLambdaFunction
A summary of the information about an Amazon Web Services Lambda function affected by a finding.
List<E> accountId
The account IDs used as resource filter criteria.
List<E> ec2InstanceTags
The EC2 instance tags used as resource filter criteria.
List<E> ecrImageTags
The ECR image tags used as resource filter criteria.
List<E> ecrRepositoryName
The ECR repository names used as resource filter criteria.
List<E> lambdaFunctionName
The Amazon Web Services Lambda function name used as resource filter criteria.
List<E> lambdaFunctionTags
The Amazon Web Services Lambda function tags used as resource filter criteria.
List<E> resourceId
The resource IDs used as resource filter criteria.
List<E> resourceType
The resource types used as resource filter criteria.
Ec2Metadata ec2
An object that contains metadata details for an Amazon EC2 instance.
EcrContainerImageMetadata ecrImage
An object that contains details about the container metadata for an Amazon ECR image.
EcrRepositoryMetadata ecrRepository
An object that contains details about the repository an Amazon ECR image resides in.
LambdaFunctionMetadata lambdaFunction
An object that contains metadata details for an Amazon Web Services Lambda function.
String ec2
The status of Amazon Inspector scanning for Amazon EC2 resources.
String ecr
The status of Amazon Inspector scanning for Amazon ECR resources.
String lambda
The status of Amazon Inspector scanning for Amazon Web Services Lambda function.
String lambdaCode
The status of Amazon Inspector scanning for custom application code for Amazon Web Services Lambda functions.
String reason
The scan status. Possible return values and descriptions are:
PENDING_INITIAL_SCAN - This resource has been identified for scanning, results will be available
soon.
ACCESS_DENIED - Resource access policy restricting Amazon Inspector access. Please update the IAM
policy.
INTERNAL_ERROR - Amazon Inspector has encountered an internal error for this resource. Amazon
Inspector service will automatically resolve the issue and resume the scanning. No action required from the user.
UNMANAGED_EC2_INSTANCE - The EC2 instance is not managed by SSM, please use the following SSM
automation to remediate the issue: https://docs.aws.amazon.com/systems-manager-automation-runbooks/latest/userguide/automation-awssupport-
troubleshoot-managed-instance.html. Once the instance becomes managed by SSM, Inspector will automatically
begin scanning this instance.
UNSUPPORTED_OS - Amazon Inspector does not support this OS, architecture, or image manifest type at
this time. To see a complete list of supported operating systems see: https://docs.aws.amazon.com/inspector/latest/user/supported.html.
SCAN_ELIGIBILITY_EXPIRED - The configured scan duration has lapsed for this image.
RESOURCE_TERMINATED - This resource has been terminated. The findings and coverage associated with
this resource are in the process of being cleaned up.
SUCCESSFUL - The scan was successful.
NO_RESOURCES_FOUND - Reserved for future use.
IMAGE_SIZE_EXCEEDED - Reserved for future use.
SCAN_FREQUENCY_MANUAL - This image will not be covered by Amazon Inspector due to the repository
scan frequency configuration.
SCAN_FREQUENCY_SCAN_ON_PUSH - This image will be scanned one time and will not new findings because
of the scan frequency configuration.
EC2_INSTANCE_STOPPED - This EC2 instance is in a stopped state, therefore, Amazon Inspector will
pause scanning. The existing findings will continue to exist until the instance is terminated. Once the instance
is re-started, Inspector will automatically start scanning the instance again. Please note that you will not be
charged for this instance while it’s in a stopped state.
PENDING_DISABLE - This resource is pending cleanup during disablement. The customer will not be
billed while a resource is in the pending disable status.
NO INVENTORY - Amazon Inspector couldn’t find software application inventory to scan for
vulnerabilities. This might be caused due to required Amazon Inspector associations being deleted or failing to
run on your resource. Please verify the status of InspectorInventoryCollection-do-not-delete
association in the SSM console for the resource. Additionally, you can verify the instance’s inventory in the SSM
Fleet Manager console.
STALE_INVENTORY - Amazon Inspector wasn’t able to collect an updated software application inventory
in the last 7 days. Please confirm the required Amazon Inspector associations still exist and you can still see
an updated inventory in the SSM console.
EXCLUDED_BY_TAG - This resource was not scanned because it has been excluded by a tag.
UNSUPPORTED_RUNTIME - The function was not scanned because it has an unsupported runtime. To see a
complete list of supported runtimes see: https://docs.aws.amazon.com/inspector/latest/user/supported.html.
UNSUPPORTED_MEDIA_TYPE - The ECR image has an unsupported media type.
UNSUPPORTED_CONFIG_FILE - Reserved for future use.
DEEP_INSPECTION_PACKAGE_COLLECTION_LIMIT_EXCEEDED - The instance has exceeded the 5000 package limit
for Amazon Inspector Deep inspection. To resume Deep inspection for this instance you can try to adjust the
custom paths associated with the account.
DEEP_INSPECTION_DAILY_SSM_INVENTORY_LIMIT_EXCEEDED - The SSM agent couldn't send inventory to Amazon
Inspector because the SSM quota for Inventory data collected per instance per day has already been reached for
this instance.
DEEP_INSPECTION_COLLECTION_TIME_LIMIT_EXCEEDED - Amazon Inspector failed to extract the package
inventory because the package collection time exceeding the maximum threshold of 15 minutes.
DEEP_INSPECTION_NO_INVENTORY The Amazon Inspector plugin hasn't yet been able to collect an
inventory of packages for this instance. This is usually the result of a pending scan, however, if this status
persists after 6 hours, use SSM to ensure that the required Amazon Inspector associations exist and are running
for the instance.
String statusCode
The status code of the scan.
DailySchedule daily
The schedule's daily.
MonthlySchedule monthly
The schedule's monthly.
OneTimeSchedule oneTime
The schedule's one time.
WeeklySchedule weekly
The schedule's weekly.
SearchVulnerabilitiesFilterCriteria filterCriteria
The criteria used to filter the results of a vulnerability search.
String nextToken
A token to use for paginating results that are returned in the response. Set the value of this parameter to null
for the first request to a list action. For subsequent calls, use the NextToken value returned from
the previous request to continue listing results after the first page.
String resourceId
The ID of the resource that exceeds a service quota.
String sessionToken
The unique token that identifies the CIS session.
StartCisSessionMessage message
The start CIS session message.
String scanJobId
A unique identifier for the scan job.
Integer errorChecks
The progress' error checks.
Integer failedChecks
The progress' failed checks.
Integer informationalChecks
The progress' informational checks.
Integer notApplicableChecks
The progress' not applicable checks.
Integer notEvaluatedChecks
The progress' not evaluated checks.
Integer successfulChecks
The progress' successful checks.
Integer totalChecks
The progress' total checks.
Integer unknownChecks
The progress' unknown checks.
String benchmarkProfile
The message benchmark profile.
String benchmarkVersion
The message benchmark version.
ComputePlatform computePlatform
The message compute platform.
StopCisMessageProgress progress
The progress of the message.
String reason
The reason for the message.
String status
The status of the message.
StopCisSessionMessage message
The stop CIS session message.
String scanJobId
A unique identifier for the scan job.
String sessionToken
The unique token that identifies the CIS session.
Integer retryAfterSeconds
The number of seconds to wait before retrying the request.
String findingType
The type of finding to aggregate on.
String resourceType
The resource type to aggregate on.
String sortBy
The value to sort results by.
String sortOrder
The order to sort results by.
List<E> titles
The finding titles to aggregate on.
List<E> vulnerabilityIds
The vulnerability IDs of the findings.
String accountId
The ID of the Amazon Web Services account associated with the findings.
SeverityCounts severityCounts
An object that represent the count of matched findings per severity.
String title
The title that the findings were aggregated on.
String vulnerabilityId
The vulnerability ID of the finding.
String scanConfigurationArn
The CIS scan configuration ARN.
String scanName
The scan name for the CIS scan configuration.
Schedule schedule
The schedule for the CIS scan configuration.
String securityLevel
The security level for the CIS scan configuration. Security level refers to the Benchmark levels that CIS assigns to a profile.
UpdateCisTargets targets
The targets for the CIS scan configuration.
String scanConfigurationArn
The CIS scan configuration ARN.
Ec2Configuration ec2Configuration
Specifies how the Amazon EC2 automated scan will be updated for your environment.
EcrConfiguration ecrConfiguration
Specifies how the ECR automated re-scan will be updated for your environment.
Boolean activateDeepInspection
Specify TRUE to activate Amazon Inspector deep inspection in your account, or FALSE to
deactivate. Member accounts in an organization cannot deactivate deep inspection, instead the delegated
administrator for the organization can deactivate a member account using BatchUpdateMemberEc2DeepInspectionStatus.
List<E> packagePaths
The Amazon Inspector deep inspection custom paths you are adding for your account.
String errorMessage
An error message explaining why new Amazon Inspector deep inspection custom paths could not be added.
List<E> orgPackagePaths
The current Amazon Inspector deep inspection custom paths for the organization.
List<E> packagePaths
The current Amazon Inspector deep inspection custom paths for your account.
String status
The status of Amazon Inspector deep inspection in your account.
String action
Specifies the action that is to be applied to the findings that match the filter.
String description
A description of the filter.
String filterArn
The Amazon Resource Number (ARN) of the filter to update.
FilterCriteria filterCriteria
Defines the criteria to be update in the filter.
String name
The name of the filter.
String reason
The reason the filter was updated.
String arn
The Amazon Resource Number (ARN) of the successfully updated filter.
AutoEnable autoEnable
Defines which scan types are enabled automatically for new members of your Amazon Inspector organization.
AutoEnable autoEnable
The updated status of scan types automatically enabled for new members of your Amazon Inspector organization.
AtigData atigData
An object that contains information about the Amazon Web Services Threat Intel Group (ATIG) details for the vulnerability.
CisaData cisaData
An object that contains the Cybersecurity and Infrastructure Security Agency (CISA) details for the vulnerability.
Cvss2 cvss2
An object that contains the Common Vulnerability Scoring System (CVSS) Version 2 details for the vulnerability.
Cvss3 cvss3
An object that contains the Common Vulnerability Scoring System (CVSS) Version 3 details for the vulnerability.
List<E> cwes
The Common Weakness Enumeration (CWE) associated with the vulnerability.
String description
A description of the vulnerability.
List<E> detectionPlatforms
Platforms that the vulnerability can be detected on.
Epss epss
An object that contains the Exploit Prediction Scoring System (EPSS) score for a vulnerability.
ExploitObserved exploitObserved
An object that contains details on when the exploit was observed.
String id
The ID for the specific vulnerability.
List<E> referenceUrls
Links to various resources with more information on this vulnerability.
List<E> relatedVulnerabilities
A list of related vulnerabilities.
String source
The source of the vulnerability information. Possible results are RHEL, AMAZON_CVE,
DEBIAN or NVD.
String sourceUrl
A link to the official source material for this vulnerability.
Date vendorCreatedAt
The date and time when the vendor created this vulnerability.
String vendorSeverity
The severity assigned by the vendor.
Date vendorUpdatedAt
The date and time when the vendor last updated this vulnerability.
String arch
The architecture of the vulnerable package.
Integer epoch
The epoch of the vulnerable package.
String filePath
The file path of the vulnerable package.
String fixedInVersion
The version of the package that contains the vulnerability fix.
String name
The name of the vulnerable package.
String packageManager
The package manager of the vulnerable package.
String release
The release of the vulnerable package.
String remediation
The code to run in your environment to update packages with a fix available.
String sourceLambdaLayerArn
The Amazon Resource Number (ARN) of the Amazon Web Services Lambda function affected by a finding.
String sourceLayerHash
The source layer hash of the vulnerable package.
String version
The version of the vulnerable package.
Copyright © 2024. All rights reserved.