CreateAuditSuppression
Creates a Device Defender audit suppression.
Requires permission to access the CreateAuditSuppression action.
Request Syntax
POST /audit/suppressions/create HTTP/1.1
Content-type: application/json
{
"checkName": "string
",
"clientRequestToken": "string
",
"description": "string
",
"expirationDate": number
,
"resourceIdentifier": {
"account": "string
",
"caCertificateId": "string
",
"clientId": "string
",
"cognitoIdentityPoolId": "string
",
"deviceCertificateArn": "string
",
"deviceCertificateId": "string
",
"iamRoleArn": "string
",
"issuerCertificateIdentifier": {
"issuerCertificateSerialNumber": "string
",
"issuerCertificateSubject": "string
",
"issuerId": "string
"
},
"policyVersionIdentifier": {
"policyName": "string
",
"policyVersionId": "string
"
},
"roleAliasArn": "string
"
},
"suppressIndefinitely": boolean
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- checkName
-
An audit check name. Checks must be enabled for your account. (Use
DescribeAccountAuditConfiguration
to see the list of all checks, including those that are enabled or useUpdateAccountAuditConfiguration
to select which checks are enabled.)Type: String
Required: Yes
- clientRequestToken
-
Each audit supression must have a unique client request token. If you try to create a new audit suppression with the same token as one that already exists, an exception occurs. If you omit this value, AWS SDKs will automatically generate a unique client request.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
^[a-zA-Z0-9-_]+$
Required: Yes
- description
-
The description of the audit suppression.
Type: String
Length Constraints: Maximum length of 1000.
Pattern:
[\p{Graph}\x20]*
Required: No
- expirationDate
-
The epoch timestamp in seconds at which this suppression expires.
Type: Timestamp
Required: No
- resourceIdentifier
-
Information that identifies the noncompliant resource.
Type: ResourceIdentifier object
Required: Yes
- suppressIndefinitely
-
Indicates whether a suppression should exist indefinitely or not.
Type: Boolean
Required: No
Response Syntax
HTTP/1.1 200
Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
Errors
- InternalFailureException
-
An unexpected error has occurred.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
HTTP Status Code: 400
- LimitExceededException
-
A limit has been exceeded.
HTTP Status Code: 410
- ResourceAlreadyExistsException
-
The resource already exists.
HTTP Status Code: 409
- ThrottlingException
-
The rate exceeds the limit.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: