--- title: Create AWS scan options description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > Agentless Scanning --- {% callout %} # Important note for users on the following Datadog sites: app.ddog-gov.com, us2.ddog-gov.com {% alert level="danger" %} This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site.md). ({% placeholder "user-datadog-site-name" /%}). {% /alert %} {% /callout %} # Create AWS scan options{% #create-aws-scan-options %} Copy pageCopied {% tab title="v2" %} | Datadog site | API endpoint | | ----------------- | ------------------------------------------------------------------------- | | ap1.datadoghq.com | POST https://api.ap1.datadoghq.com/api/v2/agentless_scanning/accounts/aws | | ap2.datadoghq.com | POST https://api.ap2.datadoghq.com/api/v2/agentless_scanning/accounts/aws | | app.datadoghq.eu | POST https://api.datadoghq.eu/api/v2/agentless_scanning/accounts/aws | | app.ddog-gov.com | POST https://api.ddog-gov.com/api/v2/agentless_scanning/accounts/aws | | us2.ddog-gov.com | POST https://api.us2.ddog-gov.com/api/v2/agentless_scanning/accounts/aws | | app.datadoghq.com | POST https://api.datadoghq.com/api/v2/agentless_scanning/accounts/aws | | us3.datadoghq.com | POST https://api.us3.datadoghq.com/api/v2/agentless_scanning/accounts/aws | | us5.datadoghq.com | POST https://api.us5.datadoghq.com/api/v2/agentless_scanning/accounts/aws | ### Overview Activate Agentless scan options for an AWS account. OAuth apps require the `org_management` authorization [scope](https://docs.datadoghq.com/api/latest/scopes.md#agentless-scanning) to access this endpoint. ### Request #### Body Data (required) The definition of the new scan options. {% tab title="Model" %} | Parent field | Field | Type | Description | | ------------ | ------------------------------------ | ------- | ---------------------------------------------------------------------------------------------------------------- | | | data [*required*] | object | Object for the scan options of a single AWS account. | | data | attributes [*required*] | object | Attributes for the AWS scan options to create. | | attributes | compliance_host [*required*] | boolean | Indicates whether host compliance scanning is enabled. | | attributes | lambda [*required*] | boolean | Indicates if scanning of Lambda functions is enabled. | | attributes | sensitive_data [*required*] | boolean | Indicates if scanning for sensitive data is enabled. | | attributes | vuln_containers_os [*required*] | boolean | Indicates if scanning for vulnerabilities in containers is enabled. | | attributes | vuln_host_os [*required*] | boolean | Indicates if scanning for vulnerabilities in hosts is enabled. | | data | id [*required*] | string | The ID of the AWS account. | | data | type [*required*] | enum | The type of the resource. The value should always be `aws_scan_options`. Allowed enum values: `aws_scan_options` | {% /tab %} {% tab title="Example" %} ```json { "data": { "attributes": { "compliance_host": false, "lambda": true, "sensitive_data": false, "vuln_containers_os": true, "vuln_host_os": true }, "id": "123456789012", "type": "aws_scan_options" } } ``` {% /tab %} ### Response {% tab title="201" %} Agentless scan options enabled successfully. {% tab title="Model" %} Response object that includes the scan options of an AWS account. | Parent field | Field | Type | Description | | ------------ | ------------------ | ------- | ---------------------------------------------------------------------------------------------------------------- | | | data | object | Single AWS Scan Options entry. | | data | attributes | object | Attributes for the AWS scan options. | | attributes | compliance_host | boolean | Indicates whether host compliance scanning is enabled. | | attributes | lambda | boolean | Indicates if scanning of Lambda functions is enabled. | | attributes | sensitive_data | boolean | Indicates if scanning for sensitive data is enabled. | | attributes | vuln_containers_os | boolean | Indicates if scanning for vulnerabilities in containers is enabled. | | attributes | vuln_host_os | boolean | Indicates if scanning for vulnerabilities in hosts is enabled. | | data | id | string | The ID of the AWS account. | | data | type | enum | The type of the resource. The value should always be `aws_scan_options`. Allowed enum values: `aws_scan_options` | {% /tab %} {% tab title="Example" %} ```json { "data": { "attributes": { "compliance_host": false, "lambda": true, "sensitive_data": false, "vuln_containers_os": true, "vuln_host_os": true }, "id": "184366314700", "type": "aws_scan_options" } } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad Request {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="403" %} Not Authorized {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="409" %} Conflict {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \## default # \# Curl command curl -X POST "https://api.datadoghq.com/api/v2/agentless_scanning/accounts/aws" \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \ -d @- << EOF { "data": { "attributes": { "compliance_host": false, "lambda": true, "sensitive_data": false, "vuln_containers_os": true, "vuln_host_os": true }, "id": "123456789012", "type": "aws_scan_options" } } EOF ##### ```python """ Create AWS scan options returns "Agentless scan options enabled successfully." response """ from datadog_api_client import ApiClient, Configuration from datadog_api_client.v2.api.agentless_scanning_api import AgentlessScanningApi from datadog_api_client.v2.model.aws_scan_options_create_attributes import AwsScanOptionsCreateAttributes from datadog_api_client.v2.model.aws_scan_options_create_data import AwsScanOptionsCreateData from datadog_api_client.v2.model.aws_scan_options_create_request import AwsScanOptionsCreateRequest from datadog_api_client.v2.model.aws_scan_options_type import AwsScanOptionsType body = AwsScanOptionsCreateRequest( data=AwsScanOptionsCreateData( id="000000000003", type=AwsScanOptionsType.AWS_SCAN_OPTIONS, attributes=AwsScanOptionsCreateAttributes( compliance_host=True, _lambda=True, sensitive_data=False, vuln_containers_os=True, vuln_host_os=True, ), ), ) configuration = Configuration() with ApiClient(configuration) as api_client: api_instance = AgentlessScanningApi(api_client) response = api_instance.create_aws_scan_options(body=body) print(response) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" python3 "example.py" ##### ```ruby # Create AWS scan options returns "Agentless scan options enabled successfully." response require "datadog_api_client" api_instance = DatadogAPIClient::V2::AgentlessScanningAPI.new body = DatadogAPIClient::V2::AwsScanOptionsCreateRequest.new({ data: DatadogAPIClient::V2::AwsScanOptionsCreateData.new({ id: "000000000003", type: DatadogAPIClient::V2::AwsScanOptionsType::AWS_SCAN_OPTIONS, attributes: DatadogAPIClient::V2::AwsScanOptionsCreateAttributes.new({ compliance_host: true, lambda: true, sensitive_data: false, vuln_containers_os: true, vuln_host_os: true, }), }), }) p api_instance.create_aws_scan_options(body) ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" rb "example.rb" ##### ```go // Create AWS scan options returns "Agentless scan options enabled successfully." response package main import ( "context" "encoding/json" "fmt" "os" "github.com/DataDog/datadog-api-client-go/v2/api/datadog" "github.com/DataDog/datadog-api-client-go/v2/api/datadogV2" ) func main() { body := datadogV2.AwsScanOptionsCreateRequest{ Data: datadogV2.AwsScanOptionsCreateData{ Id: "000000000003", Type: datadogV2.AWSSCANOPTIONSTYPE_AWS_SCAN_OPTIONS, Attributes: datadogV2.AwsScanOptionsCreateAttributes{ ComplianceHost: true, Lambda: true, SensitiveData: false, VulnContainersOs: true, VulnHostOs: true, }, }, } ctx := datadog.NewDefaultContext(context.Background()) configuration := datadog.NewConfiguration() apiClient := datadog.NewAPIClient(configuration) api := datadogV2.NewAgentlessScanningApi(apiClient) resp, r, err := api.CreateAwsScanOptions(ctx, body) if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `AgentlessScanningApi.CreateAwsScanOptions`: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } responseContent, _ := json.MarshalIndent(resp, "", " ") fmt.Fprintf(os.Stdout, "Response from `AgentlessScanningApi.CreateAwsScanOptions`:\n%s\n", responseContent) } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" go run "main.go" ##### ```java // Create AWS scan options returns "Agentless scan options enabled successfully." response import com.datadog.api.client.ApiClient; import com.datadog.api.client.ApiException; import com.datadog.api.client.v2.api.AgentlessScanningApi; import com.datadog.api.client.v2.model.AwsScanOptionsCreateAttributes; import com.datadog.api.client.v2.model.AwsScanOptionsCreateData; import com.datadog.api.client.v2.model.AwsScanOptionsCreateRequest; import com.datadog.api.client.v2.model.AwsScanOptionsResponse; import com.datadog.api.client.v2.model.AwsScanOptionsType; public class Example { public static void main(String[] args) { ApiClient defaultClient = ApiClient.getDefaultApiClient(); AgentlessScanningApi apiInstance = new AgentlessScanningApi(defaultClient); AwsScanOptionsCreateRequest body = new AwsScanOptionsCreateRequest() .data( new AwsScanOptionsCreateData() .id("000000000003") .type(AwsScanOptionsType.AWS_SCAN_OPTIONS) .attributes( new AwsScanOptionsCreateAttributes() .complianceHost(true) .lambda(true) .sensitiveData(false) .vulnContainersOs(true) .vulnHostOs(true))); try { AwsScanOptionsResponse result = apiInstance.createAwsScanOptions(body); System.out.println(result); } catch (ApiException e) { System.err.println("Exception when calling AgentlessScanningApi#createAwsScanOptions"); System.err.println("Status code: " + e.getCode()); System.err.println("Reason: " + e.getResponseBody()); System.err.println("Response headers: " + e.getResponseHeaders()); e.printStackTrace(); } } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" java "Example.java" ##### ```rust // Create AWS scan options returns "Agentless scan options enabled successfully." // response use datadog_api_client::datadog; use datadog_api_client::datadogV2::api_agentless_scanning::AgentlessScanningAPI; use datadog_api_client::datadogV2::model::AwsScanOptionsCreateAttributes; use datadog_api_client::datadogV2::model::AwsScanOptionsCreateData; use datadog_api_client::datadogV2::model::AwsScanOptionsCreateRequest; use datadog_api_client::datadogV2::model::AwsScanOptionsType; #[tokio::main] async fn main() { let body = AwsScanOptionsCreateRequest::new(AwsScanOptionsCreateData::new( AwsScanOptionsCreateAttributes::new(true, true, false, true, true), "000000000003".to_string(), AwsScanOptionsType::AWS_SCAN_OPTIONS, )); let configuration = datadog::Configuration::new(); let api = AgentlessScanningAPI::with_config(configuration); let resp = api.create_aws_scan_options(body).await; if let Ok(value) = resp { println!("{:#?}", value); } else { println!("{:#?}", resp.unwrap_err()); } } ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" cargo run ##### ```typescript /** * Create AWS scan options returns "Agentless scan options enabled successfully." response */ import { client, v2 } from "@datadog/datadog-api-client"; const configuration = client.createConfiguration(); const apiInstance = new v2.AgentlessScanningApi(configuration); const params: v2.AgentlessScanningApiCreateAwsScanOptionsRequest = { body: { data: { id: "000000000003", type: "aws_scan_options", attributes: { complianceHost: true, lambda: true, sensitiveData: false, vulnContainersOs: true, vulnHostOs: true, }, }, }, }; apiInstance .createAwsScanOptions(params) .then((data: v2.AwsScanOptionsResponse) => { console.log( "API called successfully. Returned data: " + JSON.stringify(data) ); }) .catch((error: any) => console.error(error)); ``` #### Instructions First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands: DD_SITE="datadoghq.com" DD_API_KEY="" DD_APP_KEY="" tsc "example.ts" {% /tab %}