AWS Amazon Inspector CLI Commands

Associates an Amazon Web Services account with an Amazon Inspector delegated administrator. An HTTP 200 response indicates the association was successfully started, but doesn’t indicate whether it was completed. You can check if the association completed by using ListMembers for multiple accounts or

Associates multiple code repositories with an Amazon Inspector code security scan configuration.

Disassociates multiple code repositories from an Amazon Inspector code security scan configuration.

Retrieves the Amazon Inspector status of multiple Amazon Web Services accounts within your environment.

Retrieves code snippets from findings that Amazon Inspector detected code vulnerabilities in.

Gets vulnerability details for findings.

Gets free trial status for multiple Amazon Web Services accounts.

Retrieves Amazon Inspector deep inspection activation status of multiple member accounts within your organization. You must be the delegated administrator of an organization in Amazon Inspector to use this API.

Activates or deactivates Amazon Inspector deep inspection for the provided member accounts in your organization. You must be the delegated administrator of an organization in Amazon Inspector to use this API.

Cancels the given findings report.

Cancels a software bill of materials (SBOM) report.

Creates a CIS scan configuration.

Creates a code security integration with a source code repository provider. After calling the CreateCodeSecurityIntegration operation, you complete authentication and authorization with your provider. Next you call the UpdateCodeSecurityIntegration operation to provide the details to complete the in

Creates a scan configuration for code security scanning.

Creates a filter resource using specified filter criteria. When the filter action is set to SUPPRESS this action creates a suppression rule.

Creates a finding report. By default only ACTIVE findings are returned in the report. To see SUPRESSED or CLOSED findings you must specify a value for the findingStatus filter criteria.

Creates a software bill of materials (SBOM) report.

Deletes a CIS scan configuration.

Deletes a code security integration.

Deletes a code security scan configuration.

Deletes a filter resource.

Describe Amazon Inspector configuration settings for an Amazon Web Services organization.

Disables Amazon Inspector scans for one or more Amazon Web Services accounts. Disabling all scan types in an account disables the Amazon Inspector service.

Disables the Amazon Inspector delegated administrator for your organization.

Disassociates a member account from an Amazon Inspector delegated administrator.

Enables Amazon Inspector scans for one or more Amazon Web Services accounts.

Enables the Amazon Inspector delegated administrator for your Organizations organization.

Retrieves a CIS scan report.

Retrieves CIS scan result details.

Returns a list of clusters and metadata associated with an image.

Retrieves information about a code security integration.

Retrieves information about a specific code security scan.

Retrieves information about a code security scan configuration.

Retrieves setting configurations for Inspector scans.

Retrieves information about the Amazon Inspector delegated administrator for your organization.

Retrieves the activation status of Amazon Inspector deep inspection and custom paths associated with your account.

Gets an encryption key.

Gets the status of a findings report.

Gets member information for your organization.

Gets details of a software bill of materials (SBOM) report.

Lists the permissions an account has to configure Amazon Inspector. If the account is a member account or standalone account with resources managed by an Organizations policy, the operation returns fewer permissions.

Lists CIS scan configurations.

Lists scan results aggregated by checks.

Lists scan results aggregated by a target resource.

Returns a CIS scan list.

Lists all code security integrations in your account.

Lists the associations between code repositories and Amazon Inspector code security scan configurations.

Lists all code security scan configurations in your account.

Lists coverage details for your environment.

Lists Amazon Inspector coverage statistics for your environment.

Lists information about the Amazon Inspector delegated administrator of your organization.

Lists the filters associated with your account.

Lists aggregated finding data for your environment based on specific criteria.

Lists findings for your environment.

List members associated with the Amazon Inspector delegated administrator for your organization.

Lists all tags attached to a given resource.

Lists the Amazon Inspector usage totals over the last 30 days.

Resets an encryption key. After the key is reset your resources will be encrypted by an Amazon Web Services owned key.

Lists Amazon Inspector coverage details for a specific vulnerability.

Sends a CIS session health. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to start a CIS scan session for the scan ID supplied by the service.

Sends a CIS session telemetry. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to start a CIS scan session for the scan ID supplied by the service.

Starts a CIS session. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to start a CIS scan session for the scan ID supplied by the service.

Initiates a code security scan on a specified repository.

Stops a CIS session. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to stop a CIS scan session for the scan ID supplied by the service.

Adds tags to a resource.

Removes tags from a resource.

Updates a CIS scan configuration.

Updates an existing code security integration. After calling the CreateCodeSecurityIntegration operation, you complete authentication and authorization with your provider. Next you call the UpdateCodeSecurityIntegration operation to provide the details to complete the integration setup

Updates an existing code security scan configuration.

Updates setting configurations for your Amazon Inspector account. When you use this API as an Amazon Inspector delegated administrator this updates the setting for all accounts you manage. Member accounts in an organization cannot update this setting.

Activates, deactivates Amazon Inspector deep inspection, or updates custom paths for your account.

Updates an encryption key. A ResourceNotFoundException means that an Amazon Web Services owned key is being used for encryption.

Specifies the action that is to be applied to the findings that match the filter.

Updates the Amazon Inspector deep inspection custom paths for your organization. You must be an Amazon Inspector delegated administrator to use this API.

Updates the configurations for your Amazon Inspector organization.