CloudFormation / Client / start_resource_scan

start_resource_scan#

CloudFormation.Client.start_resource_scan(**kwargs)#

Starts a scan of the resources in this account in this Region. You can the status of a scan using the ListResourceScans API action.

See also: AWS API Documentation

Request Syntax

response = client.start_resource_scan(
    ClientRequestToken='string',
    ScanFilters=[
        {
            'Types': [
                'string',
            ]
        },
    ]
)
Parameters:
  • ClientRequestToken (string) – A unique identifier for this StartResourceScan request. Specify this token if you plan to retry requests so that CloudFormation knows that you’re not attempting to start a new resource scan.

  • ScanFilters (list) –

    The scan filters to use.

    • (dict) –

      A filter that is used to specify which resource types to scan.

      • Types (list) –

        An array of strings where each string represents an Amazon Web Services resource type you want to scan. Each string defines the resource type using the format AWS::ServiceName::ResourceType, for example, AWS::DynamoDB::Table. For the full list of supported resource types, see the Resource type support table in the CloudFormation User Guide.

        To scan all resource types within a service, you can use a wildcard, represented by an asterisk ( *). You can place a asterisk at only the end of the string, for example, AWS::S3::*.

        • (string) –

Return type:

dict

Returns:

Response Syntax

{
    'ResourceScanId': 'string'
}

Response Structure

  • (dict) –

    • ResourceScanId (string) –

      The Amazon Resource Name (ARN) of the resource scan. The format is arn:${Partition}:cloudformation:${Region}:${Account}:resourceScan/${Id}. An example is ``arn:aws:cloudformation:us-east-1:123456789012:resourceScan/f5b490f7-7ed4-428a-aa06-31ff25db0772 ``.

Exceptions