Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 US1-FED

Agentless Scanning

Datadog Agentless Scanning provides visibility into risks and vulnerabilities within your hosts, running containers, and serverless functions—all without requiring teams to install Agents on every host or where Agents cannot be installed. Agentless offers also Sensitive Data Scanning capabilities on your storage. Go to https://www.datadoghq.com/blog/agentless-scanning/ to learn more.

Get AWS Scan Options

GET https://api.ap1.datadoghq.com/api/v2/agentless_scanning/accounts/awshttps://api.datadoghq.eu/api/v2/agentless_scanning/accounts/awshttps://api.ddog-gov.com/api/v2/agentless_scanning/accounts/awshttps://api.datadoghq.com/api/v2/agentless_scanning/accounts/awshttps://api.us3.datadoghq.com/api/v2/agentless_scanning/accounts/awshttps://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws

Overview

Fetches the scan options configured for AWS accounts.

Response

OK

Response object that includes a list of AWS scan options.

Expand All

Field

Type

Description

data

[object]

A list of AWS scan options.

attributes

object

Attributes for the AWS scan options.

lambda

boolean

Indicates if scanning of Lambda functions is enabled.

sensitive_data

boolean

Indicates if scanning for sensitive data is enabled.

vuln_containers_os

boolean

Indicates if scanning for vulnerabilities in containers is enabled.

vuln_host_os

boolean

Indicates if scanning for vulnerabilities in hosts is enabled.

id

string

The ID of the AWS account.

type

enum

The type of the resource. The value should always be aws_scan_options. Allowed enum values: aws_scan_options

default: aws_scan_options

{
  "data": [
    {
      "attributes": {
        "lambda": true,
        "sensitive_data": false,
        "vuln_containers_os": true,
        "vuln_host_os": true
      },
      "id": "184366314700",
      "type": "aws_scan_options"
    }
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

                
"""
Get AWS Scan Options returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.agentless_scanning_api import AgentlessScanningApi

configuration = Configuration()
with ApiClient(configuration) as api_client:
    api_instance = AgentlessScanningApi(api_client)
    response = api_instance.list_aws_scan_options()

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"
# Get AWS Scan Options returns "OK" response

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::AgentlessScanningAPI.new
p api_instance.list_aws_scan_options()

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"
// Get AWS Scan Options returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewAgentlessScanningApi(apiClient)
	resp, r, err := api.ListAwsScanOptions(ctx)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `AgentlessScanningApi.ListAwsScanOptions`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `AgentlessScanningApi.ListAwsScanOptions`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"
// Get AWS Scan Options returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.AgentlessScanningApi;
import com.datadog.api.client.v2.model.AwsScanOptionsResponse;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    AgentlessScanningApi apiInstance = new AgentlessScanningApi(defaultClient);

    try {
      AwsScanOptionsResponse result = apiInstance.listAwsScanOptions();
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling AgentlessScanningApi#listAwsScanOptions");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"
// Get AWS Scan Options returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_agentless_scanning::AgentlessScanningAPI;

#[tokio::main]
async fn main() {
    let configuration = datadog::Configuration::new();
    let api = AgentlessScanningAPI::with_config(configuration);
    let resp = api.list_aws_scan_options().await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run
/**
 * Get AWS Scan Options returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
const apiInstance = new v2.AgentlessScanningApi(configuration);

apiInstance
  .listAwsScanOptions()
  .then((data: v2.AwsScanOptionsResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comddog-gov.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"

Post AWS Scan Options

POST https://api.ap1.datadoghq.com/api/v2/agentless_scanning/accounts/awshttps://api.datadoghq.eu/api/v2/agentless_scanning/accounts/awshttps://api.ddog-gov.com/api/v2/agentless_scanning/accounts/awshttps://api.datadoghq.com/api/v2/agentless_scanning/accounts/awshttps://api.us3.datadoghq.com/api/v2/agentless_scanning/accounts/awshttps://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws

Overview

Activate Agentless scan options for an AWS account.

Request

Body Data (required)

The definition of the new scan options.

Expand All

Field

Type

Description

data [required]

object

Object for the scan options of a single AWS account.

attributes [required]

object

Attributes for the AWS scan options to create.

lambda [required]

boolean

Indicates if scanning of Lambda functions is enabled.

sensitive_data [required]

boolean

Indicates if scanning for sensitive data is enabled.

vuln_containers_os [required]

boolean

Indicates if scanning for vulnerabilities in containers is enabled.

vuln_host_os [required]

boolean

Indicates if scanning for vulnerabilities in hosts is enabled.

id [required]

string

The ID of the AWS account.

type [required]

enum

The type of the resource. The value should always be aws_scan_options. Allowed enum values: aws_scan_options

default: aws_scan_options

{
  "data": {
    "attributes": {
      "lambda": true,
      "sensitive_data": false,
      "vuln_containers_os": true,
      "vuln_host_os": true
    },
    "id": "123456789012",
    "type": "aws_scan_options"
  }
}

Response

Agentless scan options enabled successfully.

Response object that includes the scan options of an AWS account.

Expand All

Field

Type

Description

data

object

Single AWS Scan Options entry.

attributes

object

Attributes for the AWS scan options.

lambda

boolean

Indicates if scanning of Lambda functions is enabled.

sensitive_data

boolean

Indicates if scanning for sensitive data is enabled.

vuln_containers_os

boolean

Indicates if scanning for vulnerabilities in containers is enabled.

vuln_host_os

boolean

Indicates if scanning for vulnerabilities in hosts is enabled.

id

string

The ID of the AWS account.

type

enum

The type of the resource. The value should always be aws_scan_options. Allowed enum values: aws_scan_options

default: aws_scan_options

{
  "data": {
    "attributes": {
      "lambda": true,
      "sensitive_data": false,
      "vuln_containers_os": true,
      "vuln_host_os": true
    },
    "id": "184366314700",
    "type": "aws_scan_options"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Conflict

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X POST "https://api.ap1.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "lambda": true,
      "sensitive_data": false,
      "vuln_containers_os": true,
      "vuln_host_os": true
    },
    "id": "123456789012",
    "type": "aws_scan_options"
  }
}
EOF

Patch AWS Scan Options

PATCH https://api.ap1.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.datadoghq.eu/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.ddog-gov.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.us3.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}

Overview

Update the Agentless scan options for an activated account.

Arguments

Path Parameters

Name

Type

Description

account_id [required]

string

The ID of an AWS account.

Request

Body Data (required)

New definition of the scan options.

Expand All

Field

Type

Description

data [required]

object

Object for the scan options of a single AWS account.

attributes [required]

object

Attributes for the AWS scan options to update.

lambda

boolean

Indicates if scanning of Lambda functions is enabled.

sensitive_data

boolean

Indicates if scanning for sensitive data is enabled.

vuln_containers_os

boolean

Indicates if scanning for vulnerabilities in containers is enabled.

vuln_host_os

boolean

Indicates if scanning for vulnerabilities in hosts is enabled.

id [required]

string

The ID of the AWS account.

type [required]

enum

The type of the resource. The value should always be aws_scan_options. Allowed enum values: aws_scan_options

default: aws_scan_options

{
  "data": {
    "type": "aws_scan_options",
    "id": "000000000002",
    "attributes": {
      "vuln_host_os": true,
      "vuln_containers_os": true,
      "lambda": false
    }
  }
}

Response

No Content

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                          # Path parameters
export account_id="123456789012"
# Curl command
curl -X PATCH "https://api.ap1.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws/${account_id}" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "type": "aws_scan_options",
    "id": "000000000002",
    "attributes": {
      "vuln_host_os": true,
      "vuln_containers_os": true,
      "lambda": false
    }
  }
}
EOF

Delete AWS Scan Options

DELETE https://api.ap1.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.datadoghq.eu/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.ddog-gov.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.us3.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}https://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws/{account_id}

Overview

Delete Agentless scan options for an AWS account.

Arguments

Path Parameters

Name

Type

Description

account_id [required]

string

The ID of an AWS account.

Response

No Content

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Path parameters
export account_id="123456789012"
# Curl command
curl -X DELETE "https://api.ap1.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws/${account_id}" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

Get AWS On Demand tasks

GET https://api.ap1.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.datadoghq.eu/api/v2/agentless_scanning/ondemand/awshttps://api.ddog-gov.com/api/v2/agentless_scanning/ondemand/awshttps://api.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.us3.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws

Overview

Fetches the most recent 1000 AWS on demand tasks. This endpoint requires the security_monitoring_findings_read permission.

Response

OK

Response object that includes a list of AWS on demand tasks.

Expand All

Field

Type

Description

data

[object]

A list of on demand tasks.

attributes

object

Attributes for the AWS on demand task.

arn

string

The arn of the resource to scan.

assigned_at

string

Specifies the assignment timestamp if the task has been already assigned to a scanner.

created_at

string

The task submission timestamp.

status

string

Indicates the status of the task. QUEUED: the task has been submitted successfully and the resource has not been assigned to a scanner yet. ASSIGNED: the task has been assigned. ABORTED: the scan has been aborted after a period of time due to technical reasons, such as resource not found, insufficient permissions, or the absence of a configured scanner.

id

string

The UUID of the task.

type

enum

The type of the on demand task. The value should always be aws_resource. Allowed enum values: aws_resource

default: aws_resource

{
  "data": [
    {
      "attributes": {
        "arn": "arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba",
        "assigned_at": "2025-02-11T18:25:04.550564Z",
        "created_at": "2025-02-11T18:13:24.576915Z",
        "status": "QUEUED"
      },
      "id": "6d09294c-9ad9-42fd-a759-a0c1599b4828",
      "type": "aws_resource"
    }
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

Get AWS On Demand task by id

GET https://api.ap1.datadoghq.com/api/v2/agentless_scanning/ondemand/aws/{task_id}https://api.datadoghq.eu/api/v2/agentless_scanning/ondemand/aws/{task_id}https://api.ddog-gov.com/api/v2/agentless_scanning/ondemand/aws/{task_id}https://api.datadoghq.com/api/v2/agentless_scanning/ondemand/aws/{task_id}https://api.us3.datadoghq.com/api/v2/agentless_scanning/ondemand/aws/{task_id}https://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws/{task_id}

Overview

Fetch the data of a specific on demand task. This endpoint requires the security_monitoring_findings_read permission.

Arguments

Path Parameters

Name

Type

Description

task_id [required]

string

The UUID of the task.

Response

OK.

Response object that includes an AWS on demand task.

Expand All

Field

Type

Description

data

object

Single AWS on demand task.

attributes

object

Attributes for the AWS on demand task.

arn

string

The arn of the resource to scan.

assigned_at

string

Specifies the assignment timestamp if the task has been already assigned to a scanner.

created_at

string

The task submission timestamp.

status

string

Indicates the status of the task. QUEUED: the task has been submitted successfully and the resource has not been assigned to a scanner yet. ASSIGNED: the task has been assigned. ABORTED: the scan has been aborted after a period of time due to technical reasons, such as resource not found, insufficient permissions, or the absence of a configured scanner.

id

string

The UUID of the task.

type

enum

The type of the on demand task. The value should always be aws_resource. Allowed enum values: aws_resource

default: aws_resource

{
  "data": {
    "attributes": {
      "arn": "arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba",
      "assigned_at": "2025-02-11T18:25:04.550564Z",
      "created_at": "2025-02-11T18:13:24.576915Z",
      "status": "QUEUED"
    },
    "id": "6d09294c-9ad9-42fd-a759-a0c1599b4828",
    "type": "aws_resource"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Path parameters
export task_id="6d09294c-9ad9-42fd-a759-a0c1599b4828"
# Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws/${task_id}" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

Post an AWS on demand task

POST https://api.ap1.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.datadoghq.eu/api/v2/agentless_scanning/ondemand/awshttps://api.ddog-gov.com/api/v2/agentless_scanning/ondemand/awshttps://api.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.us3.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws

Overview

Trigger the scan of an AWS resource with a high priority. Agentless scanning must be activated for the AWS account containing the resource to scan. This endpoint requires the security_monitoring_findings_write permission.

Request

Body Data (required)

The definition of the on demand task.

Expand All

Field

Type

Description

data [required]

object

Object for a single AWS on demand task.

attributes [required]

object

Attributes for the AWS on demand task.

arn [required]

string

The arn of the resource to scan. Agentless supports the scan of EC2 instances, lambda functions, AMI, ECR, RDS and S3 buckets.

type [required]

enum

The type of the on demand task. The value should always be aws_resource. Allowed enum values: aws_resource

default: aws_resource

{
  "data": {
    "attributes": {
      "arn": "arn:aws:lambda:eu-west-3:376334461865:function:This-Is-An-Api-Spec-Test"
    },
    "type": "aws_resource"
  }
}

Response

AWS on demand task created successfully.

Response object that includes an AWS on demand task.

Expand All

Field

Type

Description

data

object

Single AWS on demand task.

attributes

object

Attributes for the AWS on demand task.

arn

string

The arn of the resource to scan.

assigned_at

string

Specifies the assignment timestamp if the task has been already assigned to a scanner.

created_at

string

The task submission timestamp.

status

string

Indicates the status of the task. QUEUED: the task has been submitted successfully and the resource has not been assigned to a scanner yet. ASSIGNED: the task has been assigned. ABORTED: the scan has been aborted after a period of time due to technical reasons, such as resource not found, insufficient permissions, or the absence of a configured scanner.

id

string

The UUID of the task.

type

enum

The type of the on demand task. The value should always be aws_resource. Allowed enum values: aws_resource

default: aws_resource

{
  "data": {
    "attributes": {
      "arn": "arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba",
      "assigned_at": "2025-02-11T18:25:04.550564Z",
      "created_at": "2025-02-11T18:13:24.576915Z",
      "status": "QUEUED"
    },
    "id": "6d09294c-9ad9-42fd-a759-a0c1599b4828",
    "type": "aws_resource"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                          # Curl command
curl -X POST "https://api.ap1.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "arn": "arn:aws:lambda:eu-west-3:376334461865:function:This-Is-An-Api-Spec-Test"
    },
    "type": "aws_resource"
  }
}
EOF