Inspector2.Client.create_filter(**kwargs)¶Creates a filter resource using specified filter criteria.
See also: AWS API Documentation
Request Syntax
response = client.create_filter(
action='NONE'|'SUPPRESS',
description='string',
filterCriteria={
'awsAccountId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'componentType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceImageId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceSubnetId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ec2InstanceVpcId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageArchitecture': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageHash': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImagePushedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'ecrImageRegistry': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageRepositoryName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'ecrImageTags': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'exploitAvailable': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingStatus': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'findingType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'firstObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'fixAvailable': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'inspectorScore': [
{
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
],
'lambdaFunctionExecutionRoleArn': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'lambdaFunctionLastModifiedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'lambdaFunctionLayers': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'lambdaFunctionName': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'lambdaFunctionRuntime': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'lastObservedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'networkProtocol': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'portRange': [
{
'beginInclusive': 123,
'endInclusive': 123
},
],
'relatedVulnerabilities': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'resourceTags': [
{
'comparison': 'EQUALS',
'key': 'string',
'value': 'string'
},
],
'resourceType': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'severity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'title': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'updatedAt': [
{
'endInclusive': datetime(2015, 1, 1),
'startInclusive': datetime(2015, 1, 1)
},
],
'vendorSeverity': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilityId': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerabilitySource': [
{
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
],
'vulnerablePackages': [
{
'architecture': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'epoch': {
'lowerInclusive': 123.0,
'upperInclusive': 123.0
},
'name': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'release': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLambdaLayerArn': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'sourceLayerHash': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
},
'version': {
'comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS',
'value': 'string'
}
},
]
},
name='string',
reason='string',
tags={
'string': 'string'
}
)
[REQUIRED]
Defines the action that is to be applied to the findings that match the filter.
[REQUIRED]
Defines the criteria to be used in the filter for querying findings.
Details of the Amazon Web Services account IDs used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details of the component IDs used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details of the component types used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details of the Amazon EC2 instance image IDs used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details of the Amazon EC2 instance subnet IDs used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details of the Amazon EC2 instance VPC IDs used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details of the Amazon ECR image architecture types used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details of the Amazon ECR image hashes used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the Amazon ECR image push date and time used to filter findings.
Contains details on the time range used to filter findings.
A timestamp representing the end of the time period filtered on.
A timestamp representing the start of the time period filtered on.
Details on the Amazon ECR registry used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the name of the Amazon ECR repository used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
The tags attached to the Amazon ECR container image.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Filters the list of AWS Lambda findings by the availability of exploits.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the finding ARNs used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the finding status types used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the finding types used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the date and time a finding was first seen used to filter findings.
Contains details on the time range used to filter findings.
A timestamp representing the end of the time period filtered on.
A timestamp representing the start of the time period filtered on.
Details on whether a fix is available through a version update. This value can be YES , NO , or PARTIAL . A PARTIAL fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
The Amazon Inspector score to filter on.
An object that describes the details of a number filter.
The lowest number to be included in the filter.
The highest number to be included in the filter.
Filters the list of AWS Lambda functions by execution role.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in ISO 8601 format
Contains details on the time range used to filter findings.
A timestamp representing the end of the time period filtered on.
A timestamp representing the start of the time period filtered on.
Filters the list of AWS Lambda functions by the function's layers. A Lambda function can have up to five layers.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Filters the list of AWS Lambda functions by the name of the function.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Filters the list of AWS Lambda functions by the runtime environment for the Lambda function.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the date and time a finding was last seen used to filter findings.
Contains details on the time range used to filter findings.
A timestamp representing the end of the time period filtered on.
A timestamp representing the start of the time period filtered on.
Details on the ingress source addresses used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the port ranges used to filter findings.
An object that describes the details of a port range filter.
The port number the port range begins at.
The port number the port range ends at.
Details on the related vulnerabilities used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the resource IDs used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the resource tags used to filter findings.
An object that describes details of a map filter.
The operator to use when comparing values in the filter.
The tag key used in the filter.
The tag value used in the filter.
Details on the resource types used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the severity used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the finding title used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the date and time a finding was last updated at used to filter findings.
Contains details on the time range used to filter findings.
A timestamp representing the end of the time period filtered on.
A timestamp representing the start of the time period filtered on.
Details on the vendor severity used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the vulnerability ID used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the vulnerability type used to filter findings.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
Details on the vulnerable packages used to filter findings.
Contains information on the details of a package filter.
An object that contains details on the package architecture type to filter on.
The operator to use when comparing values in the filter.
The value to filter on.
An object that contains details on the package epoch to filter on.
The lowest number to be included in the filter.
The highest number to be included in the filter.
An object that contains details on the name of the package to filter on.
The operator to use when comparing values in the filter.
The value to filter on.
An object that contains details on the package release to filter on.
The operator to use when comparing values in the filter.
The value to filter on.
An object that describes the details of a string filter.
The operator to use when comparing values in the filter.
The value to filter on.
An object that contains details on the source layer hash to filter on.
The operator to use when comparing values in the filter.
The value to filter on.
The package version to filter on.
The operator to use when comparing values in the filter.
The value to filter on.
[REQUIRED]
The name of the filter. Minimum length of 3. Maximum length of 64. Valid characters include alphanumeric characters, dot (.), underscore (_), and dash (-). Spaces are not allowed.
A list of tags for the filter.
dict
Response Syntax
{
'arn': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Number (ARN) of the successfully created filter.
Exceptions
Inspector2.Client.exceptions.ServiceQuotaExceededExceptionInspector2.Client.exceptions.BadRequestExceptionInspector2.Client.exceptions.ValidationExceptionInspector2.Client.exceptions.AccessDeniedExceptionInspector2.Client.exceptions.ThrottlingExceptionInspector2.Client.exceptions.InternalServerException