Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 AP2 US1-FED US2-FED
This product is not supported for your selected Datadog site. ().

Create AWS on demand task

POST https://api.ap1.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.ap2.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.datadoghq.eu/api/v2/agentless_scanning/ondemand/awshttps://api.ddog-gov.com/api/v2/agentless_scanning/ondemand/awshttps://api.us2.ddog-gov.com/api/v2/agentless_scanning/ondemand/awshttps://api.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.us3.datadoghq.com/api/v2/agentless_scanning/ondemand/awshttps://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws

Overview

Trigger the scan of an AWS resource with a high priority. Agentless scanning must be activated for the AWS account containing the resource to scan. This endpoint requires the security_monitoring_findings_write permission.

OAuth apps require the org_management authorization scope to access this endpoint.

Request

Body Data (required)

The definition of the on demand task.

Expand All

Field

Type

Description

data [required]

object

Object for a single AWS on demand task.

attributes [required]

object

Attributes for the AWS on demand task.

arn [required]

string

The arn of the resource to scan. Agentless supports the scan of EC2 instances, lambda functions, AMI, ECR, RDS and S3 buckets.

type [required]

enum

The type of the on demand task. The value should always be aws_resource. Allowed enum values: aws_resource

default: aws_resource

{
  "data": {
    "attributes": {
      "arn": "arn:aws:lambda:us-west-2:123456789012:function:my-function"
    },
    "type": "aws_resource"
  }
}

Response

AWS on demand task created successfully.

Response object that includes an AWS on demand task.

Expand All

Field

Type

Description

data

object

Single AWS on demand task.

attributes

object

Attributes for the AWS on demand task.

arn

string

The arn of the resource to scan.

assigned_at

string

Specifies the assignment timestamp if the task has been already assigned to a scanner.

created_at

string

The task submission timestamp.

status

string

Indicates the status of the task. QUEUED: the task has been submitted successfully and the resource has not been assigned to a scanner yet. ASSIGNED: the task has been assigned. ABORTED: the scan has been aborted after a period of time due to technical reasons, such as resource not found, insufficient permissions, or the absence of a configured scanner.

id

string

The UUID of the task.

type

enum

The type of the on demand task. The value should always be aws_resource. Allowed enum values: aws_resource

default: aws_resource

{
  "data": {
    "attributes": {
      "arn": "arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba",
      "assigned_at": "2025-02-11T18:25:04.550564Z",
      "created_at": "2025-02-11T18:13:24.576915Z",
      "status": "QUEUED"
    },
    "id": "6d09294c-9ad9-42fd-a759-a0c1599b4828",
    "type": "aws_resource"
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                          ## default
# 

# Curl command
curl -X POST "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/agentless_scanning/ondemand/aws" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "arn": "arn:aws:ec2:us-east-1:727000456123:instance/i-0eabb50529b67a1ba"
    },
    "type": "aws_resource"
  }
}
EOF

                        
// Create AWS on demand task returns "AWS on demand task created successfully." response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	body := datadogV2.AwsOnDemandCreateRequest{
		Data: datadogV2.AwsOnDemandCreateData{
			Attributes: datadogV2.AwsOnDemandCreateAttributes{
				Arn: "arn:aws:lambda:us-west-2:123456789012:function:my-function",
			},
			Type: datadogV2.AWSONDEMANDTYPE_AWS_RESOURCE,
		},
	}
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewAgentlessScanningApi(apiClient)
	resp, r, err := api.CreateAwsOnDemandTask(ctx, body)

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `AgentlessScanningApi.CreateAwsOnDemandTask`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `AgentlessScanningApi.CreateAwsOnDemandTask`:\n%s\n", responseContent)
}

Instructions

First install the library and its dependencies and then save the example to main.go and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" go run "main.go"
// Create AWS on demand task returns "AWS on demand task created successfully." response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.AgentlessScanningApi;
import com.datadog.api.client.v2.model.AwsOnDemandCreateAttributes;
import com.datadog.api.client.v2.model.AwsOnDemandCreateData;
import com.datadog.api.client.v2.model.AwsOnDemandCreateRequest;
import com.datadog.api.client.v2.model.AwsOnDemandResponse;
import com.datadog.api.client.v2.model.AwsOnDemandType;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    AgentlessScanningApi apiInstance = new AgentlessScanningApi(defaultClient);

    AwsOnDemandCreateRequest body =
        new AwsOnDemandCreateRequest()
            .data(
                new AwsOnDemandCreateData()
                    .attributes(
                        new AwsOnDemandCreateAttributes()
                            .arn("arn:aws:lambda:us-west-2:123456789012:function:my-function"))
                    .type(AwsOnDemandType.AWS_RESOURCE));

    try {
      AwsOnDemandResponse result = apiInstance.createAwsOnDemandTask(body);
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling AgentlessScanningApi#createAwsOnDemandTask");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}

Instructions

First install the library and its dependencies and then save the example to Example.java and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" java "Example.java"
"""
Create AWS on demand task returns "AWS on demand task created successfully." response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.agentless_scanning_api import AgentlessScanningApi
from datadog_api_client.v2.model.aws_on_demand_create_attributes import AwsOnDemandCreateAttributes
from datadog_api_client.v2.model.aws_on_demand_create_data import AwsOnDemandCreateData
from datadog_api_client.v2.model.aws_on_demand_create_request import AwsOnDemandCreateRequest
from datadog_api_client.v2.model.aws_on_demand_type import AwsOnDemandType

body = AwsOnDemandCreateRequest(
    data=AwsOnDemandCreateData(
        attributes=AwsOnDemandCreateAttributes(
            arn="arn:aws:lambda:us-west-2:123456789012:function:my-function",
        ),
        type=AwsOnDemandType.AWS_RESOURCE,
    ),
)

configuration = Configuration()
with ApiClient(configuration) as api_client:
    api_instance = AgentlessScanningApi(api_client)
    response = api_instance.create_aws_on_demand_task(body=body)

    print(response)

Instructions

First install the library and its dependencies and then save the example to example.py and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" python3 "example.py"
# Create AWS on demand task returns "AWS on demand task created successfully." response

require "datadog_api_client"
api_instance = DatadogAPIClient::V2::AgentlessScanningAPI.new

body = DatadogAPIClient::V2::AwsOnDemandCreateRequest.new({
  data: DatadogAPIClient::V2::AwsOnDemandCreateData.new({
    attributes: DatadogAPIClient::V2::AwsOnDemandCreateAttributes.new({
      arn: "arn:aws:lambda:us-west-2:123456789012:function:my-function",
    }),
    type: DatadogAPIClient::V2::AwsOnDemandType::AWS_RESOURCE,
  }),
})
p api_instance.create_aws_on_demand_task(body)

Instructions

First install the library and its dependencies and then save the example to example.rb and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" rb "example.rb"
// Create AWS on demand task returns "AWS on demand task created successfully."
// response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_agentless_scanning::AgentlessScanningAPI;
use datadog_api_client::datadogV2::model::AwsOnDemandCreateAttributes;
use datadog_api_client::datadogV2::model::AwsOnDemandCreateData;
use datadog_api_client::datadogV2::model::AwsOnDemandCreateRequest;
use datadog_api_client::datadogV2::model::AwsOnDemandType;

#[tokio::main]
async fn main() {
    let body = AwsOnDemandCreateRequest::new(AwsOnDemandCreateData::new(
        AwsOnDemandCreateAttributes::new(
            "arn:aws:lambda:us-west-2:123456789012:function:my-function".to_string(),
        ),
        AwsOnDemandType::AWS_RESOURCE,
    ));
    let configuration = datadog::Configuration::new();
    let api = AgentlessScanningAPI::with_config(configuration);
    let resp = api.create_aws_on_demand_task(body).await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}

Instructions

First install the library and its dependencies and then save the example to src/main.rs and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" cargo run
/**
 * Create AWS on demand task returns "AWS on demand task created successfully." response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
const apiInstance = new v2.AgentlessScanningApi(configuration);

const params: v2.AgentlessScanningApiCreateAwsOnDemandTaskRequest = {
  body: {
    data: {
      attributes: {
        arn: "arn:aws:lambda:us-west-2:123456789012:function:my-function",
      },
      type: "aws_resource",
    },
  },
};

apiInstance
  .createAwsOnDemandTask(params)
  .then((data: v2.AwsOnDemandResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));

Instructions

First install the library and its dependencies and then save the example to example.ts and run following commands:

    
DD_SITE="datadoghq.comus3.datadoghq.comus5.datadoghq.comdatadoghq.euap1.datadoghq.comap2.datadoghq.comddog-gov.comus2.ddog-gov.com" DD_API_KEY="<DD_API_KEY>" DD_APP_KEY="<DD_APP_KEY>" tsc "example.ts"