CodeGuruSecurity / Client / create_scan
create_scan#
- CodeGuruSecurity.Client.create_scan(**kwargs)#
Use to create a scan using code uploaded to an S3 bucket.
See also: AWS API Documentation
Request Syntax
response = client.create_scan( analysisType='Security'|'All', clientToken='string', resourceId={ 'codeArtifactId': 'string' }, scanName='string', scanType='Standard'|'Express', tags={ 'string': 'string' } )
- Parameters:
analysisType (string) – The type of analysis you want CodeGuru Security to perform in the scan, either
Security
orAll
. TheSecuirty
type only generates findings related to security. TheAll
type generates both security findings and quality findings. Defaults toSecurity
type if missing.clientToken (string) –
The idempotency token for the request. Amazon CodeGuru Security uses this value to prevent the accidental creation of duplicate scans if there are failures and retries.
This field is autopopulated if not provided.
resourceId (dict) –
[REQUIRED]
The identifier for an input resource used to create a scan.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
codeArtifactId
.codeArtifactId (string) –
The identifier for the code file uploaded to the resource where a finding was detected.
scanName (string) –
[REQUIRED]
The unique name that CodeGuru Security uses to track revisions across multiple scans of the same resource. Only allowed for a
STANDARD
scan type. If not specified, it will be auto generated.scanType (string) –
The type of scan, either
Standard
orExpress
. Defaults toStandard
type if missing.Express
scans run on limited resources and use a limited set of detectors to analyze your code in near-real time.Standard
scans have standard resource limits and use the full set of detectors to analyze your code.tags (dict) –
An array of key-value pairs used to tag a scan. A tag is a custom attribute label with two parts:
A tag key. For example,
CostCenter
,Environment
, orSecret
. Tag keys are case sensitive.An optional tag value field. For example,
111122223333
,Production
, or a team name. Omitting the tag value is the same as using an empty string. Tag values are case sensitive.
(string) –
(string) –
- Return type:
dict
- Returns:
Response Syntax
{ 'resourceId': { 'codeArtifactId': 'string' }, 'runId': 'string', 'scanName': 'string', 'scanNameArn': 'string', 'scanState': 'InProgress'|'Successful'|'Failed' }
Response Structure
(dict) –
resourceId (dict) –
The identifier for the resource object that contains resources that were scanned.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
codeArtifactId
. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBER
as the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBER
is as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
codeArtifactId (string) –
The identifier for the code file uploaded to the resource where a finding was detected.
runId (string) –
UUID that identifies the individual scan run.
scanName (string) –
The name of the scan.
scanNameArn (string) –
The ARN for the scan name.
scanState (string) –
The current state of the scan. Returns either
InProgress
,Successful
, orFailed
.
Exceptions
CodeGuruSecurity.Client.exceptions.InternalServerException
CodeGuruSecurity.Client.exceptions.ConflictException
CodeGuruSecurity.Client.exceptions.ResourceNotFoundException
CodeGuruSecurity.Client.exceptions.ThrottlingException
CodeGuruSecurity.Client.exceptions.ValidationException
CodeGuruSecurity.Client.exceptions.AccessDeniedException