Amazon Inspector · Schema
FilterCriteria
Details on the criteria used to define the filter.
ComplianceContainer SecurityEC2LambdaSecurityVulnerability Scanning
Properties
| Name | Type | Description |
|---|---|---|
| awsAccountId | object | |
| codeVulnerabilityDetectorName | object | |
| codeVulnerabilityDetectorTags | object | |
| codeVulnerabilityFilePath | object | |
| componentId | object | |
| componentType | object | |
| ec2InstanceImageId | object | |
| ec2InstanceSubnetId | object | |
| ec2InstanceVpcId | object | |
| ecrImageArchitecture | object | |
| ecrImageHash | object | |
| ecrImagePushedAt | object | |
| ecrImageRegistry | object | |
| ecrImageRepositoryName | object | |
| ecrImageTags | object | |
| epssScore | object | |
| exploitAvailable | object | |
| findingArn | object | |
| findingStatus | object | |
| findingType | object | |
| firstObservedAt | object | |
| fixAvailable | object | |
| inspectorScore | object | |
| lambdaFunctionExecutionRoleArn | object | |
| lambdaFunctionLastModifiedAt | object | |
| lambdaFunctionLayers | object | |
| lambdaFunctionName | object | |
| lambdaFunctionRuntime | object | |
| lastObservedAt | object | |
| networkProtocol | object | |
| portRange | object | |
| relatedVulnerabilities | object | |
| resourceId | object | |
| resourceTags | object | |
| resourceType | object | |
| severity | object | |
| title | object | |
| updatedAt | object | |
| vendorSeverity | object | |
| vulnerabilityId | object | |
| vulnerabilitySource | object | |
| vulnerablePackages | object |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-inspector/refs/heads/main/json-schema/inspector-filter-criteria-schema.json",
"title": "FilterCriteria",
"description": "Details on the criteria used to define the filter.",
"type": "object",
"properties": {
"awsAccountId": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the Amazon Web Services account IDs used to filter findings."
}
]
},
"codeVulnerabilityDetectorName": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "The name of the detector used to identify a code vulnerability in a Lambda function used to filter findings."
}
]
},
"codeVulnerabilityDetectorTags": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "The detector type tag associated with the vulnerability used to filter findings. Detector tags group related vulnerabilities by common themes or tactics. For a list of available tags by programming language, see <a href=\"https://docs.aws.amazon.com/codeguru/detector-library/java/tags/\">Java tags</a>, or <a href=\"https://docs.aws.amazon.com/codeguru/detector-library/python/tags/\">Python tags</a>. "
}
]
},
"codeVulnerabilityFilePath": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "The file path to the file in a Lambda function that contains a code vulnerability used to filter findings."
}
]
},
"componentId": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the component IDs used to filter findings."
}
]
},
"componentType": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the component types used to filter findings."
}
]
},
"ec2InstanceImageId": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the Amazon EC2 instance image IDs used to filter findings."
}
]
},
"ec2InstanceSubnetId": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the Amazon EC2 instance subnet IDs used to filter findings."
}
]
},
"ec2InstanceVpcId": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the Amazon EC2 instance VPC IDs used to filter findings."
}
]
},
"ecrImageArchitecture": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the Amazon ECR image architecture types used to filter findings."
}
]
},
"ecrImageHash": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details of the Amazon ECR image hashes used to filter findings."
}
]
},
"ecrImagePushedAt": {
"allOf": [
{
"$ref": "#/components/schemas/DateFilterList"
},
{
"description": "Details on the Amazon ECR image push date and time used to filter findings."
}
]
},
"ecrImageRegistry": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the Amazon ECR registry used to filter findings."
}
]
},
"ecrImageRepositoryName": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the name of the Amazon ECR repository used to filter findings."
}
]
},
"ecrImageTags": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "The tags attached to the Amazon ECR container image."
}
]
},
"epssScore": {
"allOf": [
{
"$ref": "#/components/schemas/NumberFilterList"
},
{
"description": "The EPSS score used to filter findings."
}
]
},
"exploitAvailable": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Filters the list of AWS Lambda findings by the availability of exploits."
}
]
},
"findingArn": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the finding ARNs used to filter findings."
}
]
},
"findingStatus": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the finding status types used to filter findings."
}
]
},
"findingType": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the finding types used to filter findings."
}
]
},
"firstObservedAt": {
"allOf": [
{
"$ref": "#/components/schemas/DateFilterList"
},
{
"description": "Details on the date and time a finding was first seen used to filter findings."
}
]
},
"fixAvailable": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on whether a fix is available through a version update. This value can be <code>YES</code>, <code>NO</code>, or <code>PARTIAL</code>. A <code>PARTIAL</code> fix means that some, but not all, of the packages identified in the finding have fixes available through updated versions."
}
]
},
"inspectorScore": {
"allOf": [
{
"$ref": "#/components/schemas/NumberFilterList"
},
{
"description": "The Amazon Inspector score to filter on."
}
]
},
"lambdaFunctionExecutionRoleArn": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Filters the list of AWS Lambda functions by execution role."
}
]
},
"lambdaFunctionLastModifiedAt": {
"allOf": [
{
"$ref": "#/components/schemas/DateFilterList"
},
{
"description": "Filters the list of AWS Lambda functions by the date and time that a user last updated the configuration, in <a href=\"https://www.iso.org/iso-8601-date-and-time-format.html\">ISO 8601 format</a> "
}
]
},
"lambdaFunctionLayers": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Filters the list of AWS Lambda functions by the function's <a href=\"https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html\"> layers</a>. A Lambda function can have up to five layers."
}
]
},
"lambdaFunctionName": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Filters the list of AWS Lambda functions by the name of the function."
}
]
},
"lambdaFunctionRuntime": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Filters the list of AWS Lambda functions by the runtime environment for the Lambda function."
}
]
},
"lastObservedAt": {
"allOf": [
{
"$ref": "#/components/schemas/DateFilterList"
},
{
"description": "Details on the date and time a finding was last seen used to filter findings."
}
]
},
"networkProtocol": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on network protocol used to filter findings."
}
]
},
"portRange": {
"allOf": [
{
"$ref": "#/components/schemas/PortRangeFilterList"
},
{
"description": "Details on the port ranges used to filter findings."
}
]
},
"relatedVulnerabilities": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the related vulnerabilities used to filter findings."
}
]
},
"resourceId": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the resource IDs used to filter findings."
}
]
},
"resourceTags": {
"allOf": [
{
"$ref": "#/components/schemas/MapFilterList"
},
{
"description": "Details on the resource tags used to filter findings."
}
]
},
"resourceType": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the resource types used to filter findings."
}
]
},
"severity": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the severity used to filter findings."
}
]
},
"title": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the finding title used to filter findings."
}
]
},
"updatedAt": {
"allOf": [
{
"$ref": "#/components/schemas/DateFilterList"
},
{
"description": "Details on the date and time a finding was last updated at used to filter findings."
}
]
},
"vendorSeverity": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the vendor severity used to filter findings."
}
]
},
"vulnerabilityId": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the vulnerability ID used to filter findings."
}
]
},
"vulnerabilitySource": {
"allOf": [
{
"$ref": "#/components/schemas/StringFilterList"
},
{
"description": "Details on the vulnerability type used to filter findings."
}
]
},
"vulnerablePackages": {
"allOf": [
{
"$ref": "#/components/schemas/PackageFilterList"
},
{
"description": "Details on the vulnerable packages used to filter findings."
}
]
}
}
}