AWS.Inspector (aws-elixir v0.8.0) View Source

Amazon Inspector

Amazon Inspector enables you to analyze the behavior of your AWS resources and to identify potential security issues.

For more information, see Amazon Inspector User Guide.

Link to this section Summary

Functions

Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings.

Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup.

Creates an assessment template for the assessment target that is specified by the ARN of the assessment target.

Starts the generation of an exclusions preview for the specified assessment template.

Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target.

Deletes the assessment run that is specified by the ARN of the assessment run.

Deletes the assessment target that is specified by the ARN of the assessment target.

Deletes the assessment template that is specified by the ARN of the assessment template.

Describes the assessment runs that are specified by the ARNs of the assessment runs.

Describes the assessment targets that are specified by the ARNs of the assessment targets.

Describes the assessment templates that are specified by the ARNs of the assessment templates.

Describes the IAM role that enables Amazon Inspector to access your AWS account.

Describes the exclusions that are specified by the exclusions' ARNs.

Describes the findings that are specified by the ARNs of the findings.

Describes the resource groups that are specified by the ARNs of the resource groups.

Describes the rules packages that are specified by the ARNs of the rules packages.

Produces an assessment report that includes detailed and comprehensive results of a specified assessment run.

Retrieves the exclusions preview (a list of ExclusionPreview objects) specified by the preview token.

Information about the data that is collected for the specified assessment run.

Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs.

Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates.

Lists the ARNs of the assessment targets within this AWS account.

Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets.

Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template.

List exclusions that are generated by the assessment run.

Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs.

Lists all available Amazon Inspector rules packages.

Lists all tags associated with an assessment template.

Previews the agents installed on the EC2 instances that are part of the specified assessment target.

Registers the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments.

Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists.

Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template.

Starts the assessment run specified by the ARN of the assessment template.

Stops the assessment run that is specified by the ARN of the assessment run.

Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.

Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.

Updates the assessment target that is specified by the ARN of the assessment target.

Link to this section Functions

Link to this function

add_attributes_to_findings(client, input, options \\ [])

View Source

Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings.

Link to this function

create_assessment_target(client, input, options \\ [])

View Source

Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup.

If resourceGroupArn is not specified, all EC2 instances in the current AWS account and region are included in the assessment target. If the service-linked role isn’t already registered, this action also creates and registers a service-linked role to grant Amazon Inspector access to AWS Services needed to perform security assessments. You can create up to 50 assessment targets per AWS account. You can run up to 500 concurrent agents per AWS account. For more information, see Amazon Inspector Assessment Targets.

Link to this function

create_assessment_template(client, input, options \\ [])

View Source

Creates an assessment template for the assessment target that is specified by the ARN of the assessment target.

If the service-linked role isn’t already registered, this action also creates and registers a service-linked role to grant Amazon Inspector access to AWS Services needed to perform security assessments.

Link to this function

create_exclusions_preview(client, input, options \\ [])

View Source

Starts the generation of an exclusions preview for the specified assessment template.

The exclusions preview lists the potential exclusions (ExclusionPreview) that Inspector can detect before it runs the assessment.

Link to this function

create_resource_group(client, input, options \\ [])

View Source

Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target.

The created resource group is then used to create an Amazon Inspector assessment target. For more information, see CreateAssessmentTarget.

Link to this function

delete_assessment_run(client, input, options \\ [])

View Source

Deletes the assessment run that is specified by the ARN of the assessment run.

Link to this function

delete_assessment_target(client, input, options \\ [])

View Source

Deletes the assessment target that is specified by the ARN of the assessment target.

Link to this function

delete_assessment_template(client, input, options \\ [])

View Source

Deletes the assessment template that is specified by the ARN of the assessment template.

Link to this function

describe_assessment_runs(client, input, options \\ [])

View Source

Describes the assessment runs that are specified by the ARNs of the assessment runs.

Link to this function

describe_assessment_targets(client, input, options \\ [])

View Source

Describes the assessment targets that are specified by the ARNs of the assessment targets.

Link to this function

describe_assessment_templates(client, input, options \\ [])

View Source

Describes the assessment templates that are specified by the ARNs of the assessment templates.

Link to this function

describe_cross_account_access_role(client, input, options \\ [])

View Source

Describes the IAM role that enables Amazon Inspector to access your AWS account.

Link to this function

describe_exclusions(client, input, options \\ [])

View Source

Describes the exclusions that are specified by the exclusions' ARNs.

Link to this function

describe_findings(client, input, options \\ [])

View Source

Describes the findings that are specified by the ARNs of the findings.

Link to this function

describe_resource_groups(client, input, options \\ [])

View Source

Describes the resource groups that are specified by the ARNs of the resource groups.

Link to this function

describe_rules_packages(client, input, options \\ [])

View Source

Describes the rules packages that are specified by the ARNs of the rules packages.

Link to this function

get_assessment_report(client, input, options \\ [])

View Source

Produces an assessment report that includes detailed and comprehensive results of a specified assessment run.

Link to this function

get_exclusions_preview(client, input, options \\ [])

View Source

Retrieves the exclusions preview (a list of ExclusionPreview objects) specified by the preview token.

You can obtain the preview token by running the CreateExclusionsPreview API.

Link to this function

get_telemetry_metadata(client, input, options \\ [])

View Source

Information about the data that is collected for the specified assessment run.

Link to this function

list_assessment_run_agents(client, input, options \\ [])

View Source

Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs.

Link to this function

list_assessment_runs(client, input, options \\ [])

View Source

Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates.

Link to this function

list_assessment_targets(client, input, options \\ [])

View Source

Lists the ARNs of the assessment targets within this AWS account.

For more information about assessment targets, see Amazon Inspector Assessment Targets.

Link to this function

list_assessment_templates(client, input, options \\ [])

View Source

Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets.

Link to this function

list_event_subscriptions(client, input, options \\ [])

View Source

Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template.

For more information, see SubscribeToEvent and UnsubscribeFromEvent.

Link to this function

list_exclusions(client, input, options \\ [])

View Source

List exclusions that are generated by the assessment run.

Link to this function

list_findings(client, input, options \\ [])

View Source

Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs.

Link to this function

list_rules_packages(client, input, options \\ [])

View Source

Lists all available Amazon Inspector rules packages.

Link to this function

list_tags_for_resource(client, input, options \\ [])

View Source

Lists all tags associated with an assessment template.

Link to this function

preview_agents(client, input, options \\ [])

View Source

Previews the agents installed on the EC2 instances that are part of the specified assessment target.

Link to this function

register_cross_account_access_role(client, input, options \\ [])

View Source

Registers the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments.

Link to this function

remove_attributes_from_findings(client, input, options \\ [])

View Source

Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists.

Link to this function

set_tags_for_resource(client, input, options \\ [])

View Source

Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template.

Link to this function

start_assessment_run(client, input, options \\ [])

View Source

Starts the assessment run specified by the ARN of the assessment template.

For this API to function properly, you must not exceed the limit of running up to 500 concurrent agents per AWS account.

Link to this function

stop_assessment_run(client, input, options \\ [])

View Source

Stops the assessment run that is specified by the ARN of the assessment run.

Link to this function

subscribe_to_event(client, input, options \\ [])

View Source

Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.

Link to this function

unsubscribe_from_event(client, input, options \\ [])

View Source

Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic.

Link to this function

update_assessment_target(client, input, options \\ [])

View Source

Updates the assessment target that is specified by the ARN of the assessment target.

If resourceGroupArn is not specified, all EC2 instances in the current AWS account and region are included in the assessment target.