SecurityAgent / Client / batch_get_pentests
batch_get_pentests¶
- SecurityAgent.Client.batch_get_pentests(**kwargs)¶
Retrieves information about one or more pentests in an agent space.
See also: AWS API Documentation
Request Syntax
response = client.batch_get_pentests( pentestIds=[ 'string', ], agentSpaceId='string' )
- Parameters:
pentestIds (list) –
[REQUIRED]
The list of pentest identifiers to retrieve.
(string) –
agentSpaceId (string) –
[REQUIRED]
The unique identifier of the agent space that contains the pentests.
- Return type:
dict
- Returns:
Response Syntax
{ 'pentests': [ { 'pentestId': 'string', 'agentSpaceId': 'string', 'title': 'string', 'assets': { 'endpoints': [ { 'uri': 'string' }, ], 'actors': [ { 'identifier': 'string', 'uris': [ 'string', ], 'authentication': { 'providerType': 'SECRETS_MANAGER'|'AWS_LAMBDA'|'AWS_IAM_ROLE'|'AWS_INTERNAL', 'value': 'string' }, 'description': 'string' }, ], 'documents': [ { 's3Location': 'string', 'artifactId': 'string' }, ], 'sourceCode': [ { 's3Location': 'string' }, ], 'integratedRepositories': [ { 'integrationId': 'string', 'providerResourceId': 'string' }, ] }, 'excludeRiskTypes': [ 'CROSS_SITE_SCRIPTING'|'DEFAULT_CREDENTIALS'|'INSECURE_DIRECT_OBJECT_REFERENCE'|'PRIVILEGE_ESCALATION'|'SERVER_SIDE_TEMPLATE_INJECTION'|'COMMAND_INJECTION'|'CODE_INJECTION'|'SQL_INJECTION'|'ARBITRARY_FILE_UPLOAD'|'INSECURE_DESERIALIZATION'|'LOCAL_FILE_INCLUSION'|'INFORMATION_DISCLOSURE'|'PATH_TRAVERSAL'|'SERVER_SIDE_REQUEST_FORGERY'|'JSON_WEB_TOKEN_VULNERABILITIES'|'XML_EXTERNAL_ENTITY'|'FILE_DELETION'|'OTHER'|'GRAPHQL_VULNERABILITIES'|'BUSINESS_LOGIC_VULNERABILITIES'|'CRYPTOGRAPHIC_VULNERABILITIES'|'DENIAL_OF_SERVICE'|'FILE_ACCESS'|'FILE_CREATION'|'DATABASE_MODIFICATION'|'DATABASE_ACCESS'|'OUTBOUND_SERVICE_REQUEST'|'UNKNOWN', ], 'serviceRole': 'string', 'logConfig': { 'logGroup': 'string', 'logStream': 'string' }, 'vpcConfig': { 'vpcArn': 'string', 'securityGroupArns': [ 'string', ], 'subnetArns': [ 'string', ] }, 'networkTrafficConfig': { 'rules': [ { 'effect': 'ALLOW'|'DENY', 'pattern': 'string', 'networkTrafficRuleType': 'URL' }, ], 'customHeaders': [ { 'name': 'string', 'value': 'string' }, ] }, 'codeRemediationStrategy': 'AUTOMATIC'|'DISABLED', 'createdAt': datetime(2015, 1, 1), 'updatedAt': datetime(2015, 1, 1) }, ], 'notFound': [ 'string', ] }
Response Structure
(dict) –
Output for the BatchGetPentests operation.
pentests (list) –
The list of pentests that were found.
(dict) –
Represents a pentest configuration that defines the parameters for security testing, including target assets, risk type exclusions, and infrastructure settings.
pentestId (string) –
The unique identifier of the pentest.
agentSpaceId (string) –
The unique identifier of the agent space that contains the pentest.
title (string) –
The title of the pentest.
assets (dict) –
The assets included in the pentest.
endpoints (list) –
The list of endpoints to test during the pentest.
(dict) –
Represents a target endpoint for penetration testing.
uri (string) –
The URI of the endpoint.
actors (list) –
The list of actors used during penetration testing.
(dict) –
Represents an actor used during penetration testing. An actor defines a user or entity that interacts with the target application, including authentication credentials and target URIs.
identifier (string) –
The unique identifier for the actor.
uris (list) –
The list of URIs that the actor targets during testing.
(string) –
authentication (dict) –
The authentication configuration for the actor.
providerType (string) –
The type of authentication provider. Valid values include SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, and AWS_INTERNAL.
value (string) –
The authentication value, such as a secret ARN, Lambda function ARN, or IAM role ARN, depending on the provider type.
description (string) –
A description of the actor.
documents (list) –
The list of documents that provide context for the pentest.
(dict) –
Represents a document that provides context for security testing.
s3Location (string) –
The Amazon S3 location of the document.
artifactId (string) –
The unique identifier of the artifact associated with the document.
sourceCode (list) –
The list of source code repositories to analyze during the pentest.
(dict) –
Represents a source code repository used for security analysis during a pentest.
s3Location (string) –
The Amazon S3 location of the source code repository archive.
integratedRepositories (list) –
The list of integrated repositories associated with the pentest.
(dict) –
Represents a code repository that is integrated with the service through a third-party provider.
integrationId (string) –
The unique identifier of the integration that provides access to the repository.
providerResourceId (string) –
The provider-specific resource identifier for the repository.
excludeRiskTypes (list) –
The list of risk types excluded from the pentest.
(string) –
Type of security risk.
serviceRole (string) –
The IAM service role used for the pentest.
logConfig (dict) –
The CloudWatch Logs configuration for the pentest.
logGroup (string) –
The name of the CloudWatch log group.
logStream (string) –
The name of the CloudWatch log stream.
vpcConfig (dict) –
The VPC configuration for the pentest.
vpcArn (string) –
The Amazon Resource Name (ARN) of the VPC.
securityGroupArns (list) –
The Amazon Resource Names (ARNs) of the security groups for the VPC configuration.
(string) –
ARN or ID of a security group.
subnetArns (list) –
The Amazon Resource Names (ARNs) of the subnets for the VPC configuration.
(string) –
ARN or ID of a subnet.
networkTrafficConfig (dict) –
The network traffic configuration for the pentest.
rules (list) –
The list of network traffic rules that control which URLs are allowed or denied during testing.
(dict) –
A rule that controls network traffic during penetration testing by allowing or denying traffic to specific URL patterns.
effect (string) –
The effect of the rule. Valid values are ALLOW and DENY.
pattern (string) –
The URL pattern to match for the rule.
networkTrafficRuleType (string) –
The type of the network traffic rule. Currently, only URL is supported.
customHeaders (list) –
The list of custom HTTP headers to include in network traffic during testing.
(dict) –
A custom HTTP header to include in network traffic during penetration testing.
name (string) –
The name of the custom header.
value (string) –
The value of the custom header.
codeRemediationStrategy (string) –
The code remediation strategy for the pentest.
createdAt (datetime) –
The date and time the pentest was created, in UTC format.
updatedAt (datetime) –
The date and time the pentest was last updated, in UTC format.
notFound (list) –
The list of pentest identifiers that were not found.
(string) –