:doc:`GuardDuty <../../guardduty>` / Client / start_malware_scan

******************
start_malware_scan
******************



.. py:method:: GuardDuty.Client.start_malware_scan(**kwargs)

  

  Initiates the malware scan. Invoking this API will automatically create the `Service-linked role <https://docs.aws.amazon.com/guardduty/latest/ug/slr-permissions-malware-protection.html>`__ in the corresponding account if the resourceArn belongs to an EC2 instance.

   

  When the malware scan starts, you can use the associated scan ID to track the status of the scan. For more information, see `ListMalwareScans <https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListMalwareScans.html>`__ and `GetMalwareScan <https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetMalwareScan.html>`__.

   

  When you use this API, the Amazon Web Services service terms for GuardDuty Malware Protection apply. For more information, see `Amazon Web Services service terms for GuardDuty Malware Protection <http://aws.amazon.com/service-terms/#87._Amazon_GuardDuty>`__.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/StartMalwareScan>`_  


  **Request Syntax**
  ::

    response = client.start_malware_scan(
        ResourceArn='string',
        ClientToken='string',
        ScanConfiguration={
            'Role': 'string',
            'IncrementalScanDetails': {
                'BaselineResourceArn': 'string'
            },
            'RecoveryPoint': {
                'BackupVaultName': 'string'
            }
        }
    )
    
  :type ResourceArn: string
  :param ResourceArn: **[REQUIRED]** 

    Amazon Resource Name (ARN) of the resource for which you invoked the API.

    

  
  :type ClientToken: string
  :param ClientToken: 

    The idempotency token for the create request.

    This field is autopopulated if not provided.

  
  :type ScanConfiguration: dict
  :param ScanConfiguration: 

    Contains information about the configuration to be used for the malware scan.

    

  
    - **Role** *(string) --* **[REQUIRED]** 

      Amazon Resource Name (ARN) of the IAM role that is used for scanning the resource.

      

    
    - **IncrementalScanDetails** *(dict) --* 

      Contains information about the incremental scan configuration. When specified, the scan will only process changes since the baseline resource.

      

    
      - **BaselineResourceArn** *(string) --* **[REQUIRED]** 

        Amazon Resource Name (ARN) of the baseline resource used for incremental scanning. The scan will only process changes since this baseline resource was created.

        

      
    
    - **RecoveryPoint** *(dict) --* 

      Contains information about the recovery point configuration for the requested scan.

      

    
      - **BackupVaultName** *(string) --* **[REQUIRED]** 

        The name of the Amazon Web Services Backup vault that contains the name of the recovery point to be scanned.

        

      
    
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'ScanId': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **ScanId** *(string) --* 

        A unique identifier that gets generated when you invoke the API without any error. Each malware scan has a corresponding scan ID. Using this scan ID, you can monitor the status of your malware scan.

        
  
  **Exceptions**
  
  *   :py:class:`GuardDuty.Client.exceptions.BadRequestException`

  
  *   :py:class:`GuardDuty.Client.exceptions.ConflictException`

  
  *   :py:class:`GuardDuty.Client.exceptions.InternalServerErrorException`

  