CfnPentestProps

class aws_cdk.aws_securityagent.CfnPentestProps(*, agent_space_id, assets, service_role, code_remediation_strategy=None, exclude_risk_types=None, log_config=None, network_traffic_config=None, title=None, vpc_config=None)

Bases: object

Properties for defining a CfnPentest.

Parameters:
  • agent_space_id (str) – Identifier of the agent space where the pentest should be created.

  • assets (Union[IResolvable, AssetsProperty, Dict[str, Any]]) – Collection of assets to be tested during the pentest.

  • service_role (str) – Service role for accessing resources.

  • code_remediation_strategy (Optional[str]) – Strategy for remediating code vulnerabilities discovered during the pentest.

  • exclude_risk_types (Optional[Sequence[str]]) – A list of risk types excluded from the pentest execution.

  • log_config (Union[IResolvable, CloudWatchLogProperty, Dict[str, Any], None]) – CloudWatch Logs configuration for pentest output.

  • network_traffic_config (Union[IResolvable, NetworkTrafficConfigProperty, Dict[str, Any], None]) – Network traffic configuration for the pentest.

  • title (Optional[str]) – Title of the penetration test.

  • vpc_config (Union[IResolvable, VpcConfigProperty, Dict[str, Any], None]) – VPC configuration that the pentest agent accesses.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_securityagent as securityagent

cfn_pentest_props = securityagent.CfnPentestProps(
    agent_space_id="agentSpaceId",
    assets=securityagent.CfnPentest.AssetsProperty(
        actors=[securityagent.CfnPentest.ActorProperty(
            authentication=securityagent.CfnPentest.AuthenticationProperty(
                provider_type="providerType",
                value="value"
            ),
            description="description",
            identifier="identifier",
            uris=["uris"]
        )],
        documents=[securityagent.CfnPentest.DocumentInfoProperty(
            artifact_id="artifactId",
            s3_location="s3Location"
        )],
        endpoints=[securityagent.CfnPentest.EndpointProperty(
            uri="uri"
        )],
        integrated_repositories=[securityagent.CfnPentest.IntegratedRepositoryProperty(
            integration_id="integrationId",
            provider_resource_id="providerResourceId"
        )],
        source_code=[securityagent.CfnPentest.SourceCodeRepositoryProperty(
            s3_location="s3Location"
        )]
    ),
    service_role="serviceRole",

    # the properties below are optional
    code_remediation_strategy="codeRemediationStrategy",
    exclude_risk_types=["excludeRiskTypes"],
    log_config=securityagent.CfnPentest.CloudWatchLogProperty(
        log_group="logGroup",
        log_stream="logStream"
    ),
    network_traffic_config=securityagent.CfnPentest.NetworkTrafficConfigProperty(
        custom_headers=[securityagent.CfnPentest.CustomHeaderProperty(
            name="name",
            value="value"
        )],
        rules=[securityagent.CfnPentest.NetworkTrafficRuleProperty(
            effect="effect",
            network_traffic_rule_type="networkTrafficRuleType",
            pattern="pattern"
        )]
    ),
    title="title",
    vpc_config=securityagent.CfnPentest.VpcConfigProperty(
        security_group_arns=["securityGroupArns"],
        subnet_arns=["subnetArns"],
        vpc_arn="vpcArn"
    )
)

Attributes

agent_space_id

Identifier of the agent space where the pentest should be created.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-agentspaceid

assets

Collection of assets to be tested during the pentest.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-assets

code_remediation_strategy

Strategy for remediating code vulnerabilities discovered during the pentest.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-coderemediationstrategy

exclude_risk_types

A list of risk types excluded from the pentest execution.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-excluderisktypes

log_config

CloudWatch Logs configuration for pentest output.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-logconfig

network_traffic_config

Network traffic configuration for the pentest.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-networktrafficconfig

service_role

Service role for accessing resources.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-servicerole

title

Title of the penetration test.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-title

vpc_config

VPC configuration that the pentest agent accesses.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-vpcconfig