:doc:`inspectorscan <../../inspector-scan>` / Client / scan_sbom

*********
scan_sbom
*********



.. py:method:: inspectorscan.Client.scan_sbom(**kwargs)

  

  Scans a provided CycloneDX 1.5 SBOM and reports on any vulnerabilities discovered in that SBOM. You can generate compatible SBOMs for your resources using the `Amazon Inspector SBOM generator <https://docs.aws.amazon.com/inspector/latest/user/sbom-generator.html>`__.

   

  .. note::

    

    The output of this action reports NVD and CVSS scores when NVD and CVSS scores are available. Because the output reports both scores, you might notice a discrepency between them. However, you can triage the severity of either score depending on the vendor of your choosing.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/inspector-scan-2023-08-08/ScanSbom>`_  


  **Request Syntax**
  ::

    response = client.scan_sbom(
        sbom={...}|[...]|123|123.4|'string'|True|None,
        outputFormat='CYCLONE_DX_1_5'|'INSPECTOR'|'INSPECTOR_ALT'
    )
    
  :type sbom: :ref:`document<document>`
  :param sbom: **[REQUIRED]** 

    The JSON file for the SBOM you want to scan. The SBOM must be in CycloneDX 1.5 format. This format limits you to passing 2000 components before throwing a ``ValidException`` error.

    

  
  :type outputFormat: string
  :param outputFormat: 

    The output format for the vulnerability report.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'sbom': {...}|[...]|123|123.4|'string'|True|None
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **sbom** (:ref:`document<document>`) -- 

        The vulnerability report for the scanned SBOM.

        
  
  **Exceptions**
  
  *   :py:class:`inspectorscan.Client.exceptions.InternalServerException`

  
  *   :py:class:`inspectorscan.Client.exceptions.ThrottlingException`

  
  *   :py:class:`inspectorscan.Client.exceptions.ValidationException`

  
  *   :py:class:`inspectorscan.Client.exceptions.AccessDeniedException`

  