Class: Aws::SecurityAgent::Client

Inherits:
Seahorse::Client::Base show all
Includes:
ClientStubs
Defined in:
gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb

Overview

An API client for SecurityAgent. To construct a client, you need to configure a :region and :credentials.

client = Aws::SecurityAgent::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

For details on configuring region and credentials see the developer guide.

See #initialize for a full list of supported configuration options.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations collapse

Instance Method Summary collapse

Methods included from ClientStubs

#api_requests, #stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options) ⇒ Client

Returns a new instance of Client.

Parameters:

  • options (Hash)

Options Hash (options):

  • :plugins (Array<Seahorse::Client::Plugin>) — default: []]

    A list of plugins to apply to the client. Each plugin is either a class name or an instance of a plugin class.

  • :credentials (required, Aws::CredentialProvider)

    Your AWS credentials used for authentication. This can be any class that includes and implements Aws::CredentialProvider, or instance of any one of the following classes:

    • Aws::Credentials - Used for configuring static, non-refreshing credentials.

    • Aws::SharedCredentials - Used for loading static credentials from a shared file, such as ~/.aws/config.

    • Aws::AssumeRoleCredentials - Used when you need to assume a role.

    • Aws::AssumeRoleWebIdentityCredentials - Used when you need to assume a role after providing credentials via the web.

    • Aws::SSOCredentials - Used for loading credentials from AWS SSO using an access token generated from aws login.

    • Aws::ProcessCredentials - Used for loading credentials from a process that outputs to stdout.

    • Aws::InstanceProfileCredentials - Used for loading credentials from an EC2 IMDS on an EC2 instance.

    • Aws::ECSCredentials - Used for loading credentials from instances running in ECS.

    • Aws::CognitoIdentityCredentials - Used for loading credentials from the Cognito Identity service.

    When :credentials are not configured directly, the following locations will be searched for credentials:

    • Aws.config[:credentials]

    • The :access_key_id, :secret_access_key, :session_token, and :account_id options.

    • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'], ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID'].

    • ~/.aws/credentials

    • ~/.aws/config

    • EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive. Construct and pass an instance of Aws::InstanceProfileCredentials or Aws::ECSCredentials to enable retries and extended timeouts. Instance profile credential fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] to true.

  • :region (required, String)

    The AWS region to connect to. The configured :region is used to determine the service :endpoint. When not passed, a default :region is searched for in the following locations:

    • Aws.config[:region]
    • ENV['AWS_REGION']
    • ENV['AMAZON_REGION']
    • ENV['AWS_DEFAULT_REGION']
    • ~/.aws/credentials
    • ~/.aws/config
  • :access_key_id (String)
  • :account_id (String)
  • :active_endpoint_cache (Boolean) — default: false

    When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false.

  • :adaptive_retry_wait_to_fill (Boolean) — default: true

    Used only in adaptive retry mode. When true, the request will sleep until there is sufficent client side capacity to retry the request. When false, the request will raise a RetryCapacityNotAvailableError and will not retry instead of sleeping.

  • :auth_scheme_preference (Array<String>)

    A list of preferred authentication schemes to use when making a request. Supported values are: sigv4, sigv4a, httpBearerAuth, and noAuth. When set using ENV['AWS_AUTH_SCHEME_PREFERENCE'] or in shared config as auth_scheme_preference, the value should be a comma-separated list.

  • :client_side_monitoring (Boolean) — default: false

    When true, client-side metrics will be collected for all API requests from this client.

  • :client_side_monitoring_client_id (String) — default: ""

    Allows you to provide an identifier for this client which will be attached to all generated client side metrics. Defaults to an empty string.

  • :client_side_monitoring_host (String) — default: "127.0.0.1"

    Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_port (Integer) — default: 31000

    Required for publishing client metrics. The port that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) — default: Aws::ClientSideMonitoring::Publisher

    Allows you to provide a custom client-side monitoring publisher class. By default, will use the Client Side Monitoring Agent Publisher.

  • :convert_params (Boolean) — default: true

    When true, an attempt is made to coerce request parameters into the required types.

  • :correct_clock_skew (Boolean) — default: true

    Used only in standard and adaptive retry modes. Specifies whether to apply a clock skew correction and retry requests with skewed client clocks.

  • :defaults_mode (String) — default: "legacy"

    See DefaultsModeConfiguration for a list of the accepted modes and the configuration defaults that are included.

  • :disable_host_prefix_injection (Boolean) — default: false

    When true, the SDK will not prepend the modeled host prefix to the endpoint.

  • :disable_request_compression (Boolean) — default: false

    When set to 'true' the request body will not be compressed for supported operations.

  • :endpoint (String, URI::HTTPS, URI::HTTP)

    Normally you should not configure the :endpoint option directly. This is normally constructed from the :region option. Configuring :endpoint is normally reserved for connecting to test or custom endpoints. The endpoint should be a URI formatted like:

    'http://example.com'
'https://example.com'
'http://example.com:123'
  • :endpoint_cache_max_entries (Integer) — default: 1000

    Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000.

  • :endpoint_cache_max_threads (Integer) — default: 10

    Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.

  • :endpoint_cache_poll_interval (Integer) — default: 60

    When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec.

  • :endpoint_discovery (Boolean) — default: false

    When set to true, endpoint discovery will be enabled for operations when available.

  • :ignore_configured_endpoint_urls (Boolean)

    Setting to true disables use of endpoint URLs provided via environment variables and the shared configuration file.

  • :log_formatter (Aws::Log::Formatter) — default: Aws::Log::Formatter.default

    The log formatter.

  • :log_level (Symbol) — default: :info

    The log level to send messages to the :logger at.

  • :logger (Logger)

    The Logger instance to send log messages to. If this option is not set, logging will be disabled.

  • :max_attempts (Integer) — default: 3

    An integer representing the maximum number attempts that will be made for a single request, including the initial attempt. For example, setting this value to 5 will result in a request being retried up to 4 times. Used in standard and adaptive retry modes.

  • :profile (String) — default: "default"

    Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used.

  • :request_checksum_calculation (String) — default: "when_supported"

    Determines when a checksum will be calculated for request payloads. Values are:

    • when_supported - (default) When set, a checksum will be calculated for all request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true and/or a requestAlgorithmMember is modeled.
    • when_required - When set, a checksum will only be calculated for request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true or where a requestAlgorithmMember is modeled and supplied.
  • :request_min_compression_size_bytes (Integer) — default: 10240

    The minimum size in bytes that triggers compression for request bodies. The value must be non-negative integer value between 0 and 10485780 bytes inclusive.

  • :response_checksum_validation (String) — default: "when_supported"

    Determines when checksum validation will be performed on response payloads. Values are:

    • when_supported - (default) When set, checksum validation is performed on all response payloads of operations modeled with the httpChecksum trait where responseAlgorithms is modeled, except when no modeled checksum algorithms are supported.
    • when_required - When set, checksum validation is not performed on response payloads of operations unless the checksum algorithm is supported and the requestValidationModeMember member is set to ENABLED.
  • :retry_backoff (Proc)

    A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. This option is only used in the legacy retry mode.

  • :retry_base_delay (Float) — default: 0.3

    The base delay in seconds used by the default backoff function. This option is only used in the legacy retry mode.

  • :retry_jitter (Symbol) — default: :none

    A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number. This option is only used in the legacy retry mode.

    @see https://www.awsarchitectureblog.com/2015/03/backoff.html

  • :retry_limit (Integer) — default: 3

    The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors, auth errors, endpoint discovery, and errors from expired credentials. This option is only used in the legacy retry mode.

  • :retry_max_delay (Integer) — default: 0

    The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function. This option is only used in the legacy retry mode.

  • :retry_mode (String) — default: "legacy"

    Specifies which retry algorithm to use. Values are:

    • legacy - The pre-existing retry behavior. This is the default value if no retry mode is provided.

    • standard - A standardized set of retry rules across the AWS SDKs. This includes support for retry quotas, which limit the number of unsuccessful retries a client can make.

    • adaptive - A retry mode that includes all the functionality of standard mode along with automatic client side throttling.

  • :sdk_ua_app_id (String)

    A unique and opaque application ID that is appended to the User-Agent header as app/sdk_ua_app_id. It should have a maximum length of 50. This variable is sourced from environment variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.

  • :secret_access_key (String)
  • :session_token (String)
  • :sigv4a_signing_region_set (Array)

    A list of regions that should be signed with SigV4a signing. When not passed, a default :sigv4a_signing_region_set is searched for in the following locations:

    • Aws.config[:sigv4a_signing_region_set]
    • ENV['AWS_SIGV4A_SIGNING_REGION_SET']
    • ~/.aws/config
  • :stub_responses (Boolean) — default: false

    Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

    Please note When response stubbing is enabled, no HTTP requests are made, and retries are disabled.

  • :telemetry_provider (Aws::Telemetry::TelemetryProviderBase) — default: Aws::Telemetry::NoOpTelemetryProvider

    Allows you to provide a telemetry provider, which is used to emit telemetry data. By default, uses NoOpTelemetryProvider which will not record or emit any telemetry data. The SDK supports the following telemetry providers:

    • OpenTelemetry (OTel) - To use the OTel provider, install and require the opentelemetry-sdk gem and then, pass in an instance of a Aws::Telemetry::OTelProvider for telemetry provider.
  • :token_provider (Aws::TokenProvider)

    Your Bearer token used for authentication. This can be any class that includes and implements Aws::TokenProvider, or instance of any one of the following classes:

    • Aws::StaticTokenProvider - Used for configuring static, non-refreshing tokens.

    • Aws::SSOTokenProvider - Used for loading tokens from AWS SSO using an access token generated from aws login.

    When :token_provider is not configured directly, the Aws::TokenProviderChain will be used to search for tokens configured for your profile in shared configuration files.

  • :use_dualstack_endpoint (Boolean)

    When set to true, dualstack enabled endpoints (with .aws TLD) will be used if available.

  • :use_fips_endpoint (Boolean)

    When set to true, fips compatible endpoints will be used if available. When a fips region is used, the region is normalized and this config is set to true.

  • :validate_params (Boolean) — default: true

    When true, request parameters are validated before sending the request.

  • :endpoint_provider (Aws::SecurityAgent::EndpointProvider)

    The endpoint provider used to resolve endpoints. Any object that responds to #resolve_endpoint(parameters) where parameters is a Struct similar to Aws::SecurityAgent::EndpointParameters.

  • :http_continue_timeout (Float) — default: 1

    The number of seconds to wait for a 100-continue response before sending the request body. This option has no effect unless the request has "Expect" header set to "100-continue". Defaults to nil which disables this behaviour. This value can safely be set per request on the session.

  • :http_idle_timeout (Float) — default: 5

    The number of seconds a connection is allowed to sit idle before it is considered stale. Stale connections are closed and removed from the pool before making a request.

  • :http_open_timeout (Float) — default: 15

    The default number of seconds to wait for response data. This value can safely be set per-request on the session.

  • :http_proxy (URI::HTTP, String)

    A proxy to send requests through. Formatted like 'http://proxy.com:123'.

  • :http_read_timeout (Float) — default: 60

    The default number of seconds to wait for response data. This value can safely be set per-request on the session.

  • :http_wire_trace (Boolean) — default: false

    When true, HTTP debug output will be sent to the :logger.

  • :on_chunk_received (Proc)

    When a Proc object is provided, it will be used as callback when each chunk of the response body is received. It provides three arguments: the chunk, the number of bytes received, and the total number of bytes in the response (or nil if the server did not send a content-length).

  • :on_chunk_sent (Proc)

    When a Proc object is provided, it will be used as callback when each chunk of the request body is sent. It provides three arguments: the chunk, the number of bytes read from the body, and the total number of bytes in the body.

  • :raise_response_errors (Boolean) — default: true

    When true, response errors are raised.

  • :ssl_ca_bundle (String)

    Full path to the SSL certificate authority bundle file that should be used when verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

  • :ssl_ca_directory (String)

    Full path of the directory that contains the unbundled SSL certificate authority files for verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

  • :ssl_ca_store (String)

    Sets the X509::Store to verify peer certificate.

  • :ssl_cert (OpenSSL::X509::Certificate)

    Sets a client certificate when creating http connections.

  • :ssl_key (OpenSSL::PKey)

    Sets a client key when creating http connections.

  • :ssl_timeout (Float)

    Sets the SSL timeout in seconds

  • :ssl_verify_peer (Boolean) — default: true

    When true, SSL peer certificates are verified when establishing a connection.



471
472
473
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 471

def initialize(*args)
  super
end

Instance Method Details

#add_artifact(params = {}) ⇒ Types::AddArtifactOutput

Uploads an artifact to an agent space. Artifacts provide additional context for security testing, such as architecture diagrams, API specifications, or configuration files.

Examples:

Request syntax with placeholder values


resp = client.add_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_content: "data", # required
  artifact_type: "TXT", # required, accepts TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, YAML
  file_name: "String", # required
})

Response structure


resp.artifact_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to add the artifact to.

  • :artifact_content (required, String, StringIO, File)

    The binary content of the artifact to upload.

  • :artifact_type (required, String)

    The file type of the artifact. Valid values include TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, and YAML.

  • :file_name (required, String)

    The file name of the artifact.

Returns:

See Also:



515
516
517
518
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 515

def add_artifact(params = {}, options = {})
  req = build_request(:add_artifact, params)
  req.send_request(options)
end

#batch_delete_code_reviews(params = {}) ⇒ Types::BatchDeleteCodeReviewsOutput

Deletes one or more code reviews from an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_delete_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.deleted #=> Array
resp.deleted[0] #=> String
resp.failed #=> Array
resp.failed[0].code_review_id #=> String
resp.failed[0].reason #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_ids (required, Array<String>)

    The list of code review identifiers to delete.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code reviews to delete.

Returns:

See Also:



553
554
555
556
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 553

def batch_delete_code_reviews(params = {}, options = {})
  req = build_request(:batch_delete_code_reviews, params)
  req.send_request(options)
end

#batch_delete_pentests(params = {}) ⇒ Types::BatchDeletePentestsOutput

Deletes one or more pentests from an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_delete_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.deleted #=> Array
resp.deleted[0].pentest_id #=> String
resp.deleted[0].agent_space_id #=> String
resp.deleted[0].title #=> String
resp.deleted[0].assets.endpoints #=> Array
resp.deleted[0].assets.endpoints[0].uri #=> String
resp.deleted[0].assets.actors #=> Array
resp.deleted[0].assets.actors[0].identifier #=> String
resp.deleted[0].assets.actors[0].uris #=> Array
resp.deleted[0].assets.actors[0].uris[0] #=> String
resp.deleted[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.deleted[0].assets.actors[0].authentication.value #=> String
resp.deleted[0].assets.actors[0].description #=> String
resp.deleted[0].assets.documents #=> Array
resp.deleted[0].assets.documents[0].s3_location #=> String
resp.deleted[0].assets.documents[0].artifact_id #=> String
resp.deleted[0].assets.source_code #=> Array
resp.deleted[0].assets.source_code[0].s3_location #=> String
resp.deleted[0].assets.integrated_repositories #=> Array
resp.deleted[0].assets.integrated_repositories[0].integration_id #=> String
resp.deleted[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.deleted[0].exclude_risk_types #=> Array
resp.deleted[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.deleted[0].service_role #=> String
resp.deleted[0].log_config.log_group #=> String
resp.deleted[0].log_config.log_stream #=> String
resp.deleted[0].vpc_config.vpc_arn #=> String
resp.deleted[0].vpc_config.security_group_arns #=> Array
resp.deleted[0].vpc_config.security_group_arns[0] #=> String
resp.deleted[0].vpc_config.subnet_arns #=> Array
resp.deleted[0].vpc_config.subnet_arns[0] #=> String
resp.deleted[0].network_traffic_config.rules #=> Array
resp.deleted[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.deleted[0].network_traffic_config.rules[0].pattern #=> String
resp.deleted[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.deleted[0].network_traffic_config.custom_headers #=> Array
resp.deleted[0].network_traffic_config.custom_headers[0].name #=> String
resp.deleted[0].network_traffic_config.custom_headers[0].value #=> String
resp.deleted[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.deleted[0].created_at #=> Time
resp.deleted[0].updated_at #=> Time
resp.failed #=> Array
resp.failed[0].pentest_id #=> String
resp.failed[0].reason #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_ids (required, Array<String>)

    The list of pentest identifiers to delete.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentests to delete.

Returns:

See Also:



630
631
632
633
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 630

def batch_delete_pentests(params = {}, options = {})
  req = build_request(:batch_delete_pentests, params)
  req.send_request(options)
end

#batch_get_agent_spaces(params = {}) ⇒ Types::BatchGetAgentSpacesOutput

Retrieves information about one or more agent spaces.

Examples:

Request syntax with placeholder values


resp = client.batch_get_agent_spaces({
  agent_space_ids: ["AgentSpaceId"], # required
})

Response structure


resp.agent_spaces #=> Array
resp.agent_spaces[0].agent_space_id #=> String
resp.agent_spaces[0].name #=> String
resp.agent_spaces[0].description #=> String
resp.agent_spaces[0].aws_resources.vpcs #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].vpc_arn #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.agent_spaces[0].aws_resources.log_groups #=> Array
resp.agent_spaces[0].aws_resources.log_groups[0] #=> String
resp.agent_spaces[0].aws_resources.s3_buckets #=> Array
resp.agent_spaces[0].aws_resources.s3_buckets[0] #=> String
resp.agent_spaces[0].aws_resources.secret_arns #=> Array
resp.agent_spaces[0].aws_resources.secret_arns[0] #=> String
resp.agent_spaces[0].aws_resources.lambda_function_arns #=> Array
resp.agent_spaces[0].aws_resources.lambda_function_arns[0] #=> String
resp.agent_spaces[0].aws_resources.iam_roles #=> Array
resp.agent_spaces[0].aws_resources.iam_roles[0] #=> String
resp.agent_spaces[0].target_domain_ids #=> Array
resp.agent_spaces[0].target_domain_ids[0] #=> String
resp.agent_spaces[0].code_review_settings.controls_scanning #=> Boolean
resp.agent_spaces[0].code_review_settings.general_purpose_scanning #=> Boolean
resp.agent_spaces[0].kms_key_id #=> String
resp.agent_spaces[0].created_at #=> Time
resp.agent_spaces[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_ids (required, Array<String>)

    The list of agent space identifiers to retrieve.

Returns:

See Also:



687
688
689
690
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 687

def batch_get_agent_spaces(params = {}, options = {})
  req = build_request(:batch_get_agent_spaces, params)
  req.send_request(options)
end

#batch_get_artifact_metadata(params = {}) ⇒ Types::BatchGetArtifactMetadataOutput

Retrieves metadata for one or more artifacts in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_artifact_metadata({
  agent_space_id: "AgentSpaceId", # required
  artifact_ids: ["ArtifactId"], # required
})

Response structure


resp.artifact_metadata_list #=> Array
resp.artifact_metadata_list[0].agent_space_id #=> String
resp.artifact_metadata_list[0].artifact_id #=> String
resp.artifact_metadata_list[0].file_name #=> String
resp.artifact_metadata_list[0].updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the artifacts.

  • :artifact_ids (required, Array<String>)

    The list of artifact identifiers to retrieve metadata for.

Returns:

See Also:



723
724
725
726
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 723

def batch_get_artifact_metadata(params = {}, options = {})
  req = build_request(:batch_get_artifact_metadata, params)
  req.send_request(options)
end

#batch_get_code_review_job_tasks(params = {}) ⇒ Types::BatchGetCodeReviewJobTasksOutput

Retrieves information about one or more tasks within a code review job.

Examples:

Request syntax with placeholder values


resp = client.batch_get_code_review_job_tasks({
  agent_space_id: "String", # required
  code_review_job_task_ids: ["String"], # required
})

Response structure


resp.code_review_job_tasks #=> Array
resp.code_review_job_tasks[0].task_id #=> String
resp.code_review_job_tasks[0].code_review_id #=> String
resp.code_review_job_tasks[0].code_review_job_id #=> String
resp.code_review_job_tasks[0].agent_space_id #=> String
resp.code_review_job_tasks[0].title #=> String
resp.code_review_job_tasks[0].description #=> String
resp.code_review_job_tasks[0].categories #=> Array
resp.code_review_job_tasks[0].categories[0].name #=> String
resp.code_review_job_tasks[0].categories[0].is_primary #=> Boolean
resp.code_review_job_tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.code_review_job_tasks[0].created_at #=> Time
resp.code_review_job_tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the tasks.

  • :code_review_job_task_ids (required, Array<String>)

    The list of task identifiers to retrieve.

Returns:

See Also:



775
776
777
778
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 775

def batch_get_code_review_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_code_review_job_tasks, params)
  req.send_request(options)
end

#batch_get_code_review_jobs(params = {}) ⇒ Types::BatchGetCodeReviewJobsOutput

Retrieves information about one or more code review jobs in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_code_review_jobs({
  code_review_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.code_review_jobs #=> Array
resp.code_review_jobs[0].code_review_job_id #=> String
resp.code_review_jobs[0].code_review_id #=> String
resp.code_review_jobs[0].title #=> String
resp.code_review_jobs[0].overview #=> String
resp.code_review_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_jobs[0].documents #=> Array
resp.code_review_jobs[0].documents[0].s3_location #=> String
resp.code_review_jobs[0].documents[0].artifact_id #=> String
resp.code_review_jobs[0].source_code #=> Array
resp.code_review_jobs[0].source_code[0].s3_location #=> String
resp.code_review_jobs[0].steps #=> Array
resp.code_review_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
resp.code_review_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.code_review_jobs[0].steps[0].created_at #=> Time
resp.code_review_jobs[0].steps[0].updated_at #=> Time
resp.code_review_jobs[0].execution_context #=> Array
resp.code_review_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.code_review_jobs[0].execution_context[0].context #=> String
resp.code_review_jobs[0].execution_context[0].timestamp #=> Time
resp.code_review_jobs[0].service_role #=> String
resp.code_review_jobs[0].log_config.log_group #=> String
resp.code_review_jobs[0].log_config.log_stream #=> String
resp.code_review_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.code_review_jobs[0].error_information.message #=> String
resp.code_review_jobs[0].integrated_repositories #=> Array
resp.code_review_jobs[0].integrated_repositories[0].integration_id #=> String
resp.code_review_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.code_review_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_review_jobs[0].created_at #=> Time
resp.code_review_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_job_ids (required, Array<String>)

    The list of code review job identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code review jobs.

Returns:

See Also:



842
843
844
845
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 842

def batch_get_code_review_jobs(params = {}, options = {})
  req = build_request(:batch_get_code_review_jobs, params)
  req.send_request(options)
end

#batch_get_code_reviews(params = {}) ⇒ Types::BatchGetCodeReviewsOutput

Retrieves information about one or more code reviews in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.code_reviews #=> Array
resp.code_reviews[0].code_review_id #=> String
resp.code_reviews[0].agent_space_id #=> String
resp.code_reviews[0].title #=> String
resp.code_reviews[0].assets.endpoints #=> Array
resp.code_reviews[0].assets.endpoints[0].uri #=> String
resp.code_reviews[0].assets.actors #=> Array
resp.code_reviews[0].assets.actors[0].identifier #=> String
resp.code_reviews[0].assets.actors[0].uris #=> Array
resp.code_reviews[0].assets.actors[0].uris[0] #=> String
resp.code_reviews[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.code_reviews[0].assets.actors[0].authentication.value #=> String
resp.code_reviews[0].assets.actors[0].description #=> String
resp.code_reviews[0].assets.documents #=> Array
resp.code_reviews[0].assets.documents[0].s3_location #=> String
resp.code_reviews[0].assets.documents[0].artifact_id #=> String
resp.code_reviews[0].assets.source_code #=> Array
resp.code_reviews[0].assets.source_code[0].s3_location #=> String
resp.code_reviews[0].assets.integrated_repositories #=> Array
resp.code_reviews[0].assets.integrated_repositories[0].integration_id #=> String
resp.code_reviews[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.code_reviews[0].service_role #=> String
resp.code_reviews[0].log_config.log_group #=> String
resp.code_reviews[0].log_config.log_stream #=> String
resp.code_reviews[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_reviews[0].created_at #=> Time
resp.code_reviews[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_ids (required, Array<String>)

    The list of code review identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code reviews.

Returns:

See Also:



905
906
907
908
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 905

def batch_get_code_reviews(params = {}, options = {})
  req = build_request(:batch_get_code_reviews, params)
  req.send_request(options)
end

#batch_get_findings(params = {}) ⇒ Types::BatchGetFindingsOutput

Retrieves information about one or more security findings in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_findings({
  finding_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.findings #=> Array
resp.findings[0].finding_id #=> String
resp.findings[0].agent_space_id #=> String
resp.findings[0].pentest_id #=> String
resp.findings[0].pentest_job_id #=> String
resp.findings[0].code_review_id #=> String
resp.findings[0].code_review_job_id #=> String
resp.findings[0].task_id #=> String
resp.findings[0].name #=> String
resp.findings[0].description #=> String
resp.findings[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings[0].risk_type #=> String
resp.findings[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings[0].risk_score #=> String
resp.findings[0].reasoning #=> String
resp.findings[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings[0].attack_script #=> String
resp.findings[0].code_remediation_task.status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED"
resp.findings[0].code_remediation_task.status_reason #=> String
resp.findings[0].code_remediation_task.task_details #=> Array
resp.findings[0].code_remediation_task.task_details[0].repo_name #=> String
resp.findings[0].code_remediation_task.task_details[0].code_diff_link #=> String
resp.findings[0].code_remediation_task.task_details[0].pull_request_link #=> String
resp.findings[0].last_updated_by #=> String
resp.findings[0].code_locations #=> Array
resp.findings[0].code_locations[0].file_path #=> String
resp.findings[0].code_locations[0].line_start #=> Integer
resp.findings[0].code_locations[0].line_end #=> Integer
resp.findings[0].code_locations[0].label #=> String
resp.findings[0].created_at #=> Time
resp.findings[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_ids (required, Array<String>)

    The list of finding identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the findings.

Returns:

See Also:



971
972
973
974
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 971

def batch_get_findings(params = {}, options = {})
  req = build_request(:batch_get_findings, params)
  req.send_request(options)
end

#batch_get_pentest_job_tasks(params = {}) ⇒ Types::BatchGetPentestJobTasksOutput

Retrieves information about one or more tasks within a pentest job.

Examples:

Request syntax with placeholder values


resp = client.batch_get_pentest_job_tasks({
  agent_space_id: "String", # required
  task_ids: ["String"], # required
})

Response structure


resp.tasks #=> Array
resp.tasks[0].task_id #=> String
resp.tasks[0].pentest_id #=> String
resp.tasks[0].pentest_job_id #=> String
resp.tasks[0].agent_space_id #=> String
resp.tasks[0].title #=> String
resp.tasks[0].description #=> String
resp.tasks[0].categories #=> Array
resp.tasks[0].categories[0].name #=> String
resp.tasks[0].categories[0].is_primary #=> Boolean
resp.tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.tasks[0].target_endpoint.uri #=> String
resp.tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.tasks[0].created_at #=> Time
resp.tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the tasks.

  • :task_ids (required, Array<String>)

    The list of task identifiers to retrieve.

Returns:

See Also:



1023
1024
1025
1026
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1023

def batch_get_pentest_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_pentest_job_tasks, params)
  req.send_request(options)
end

#batch_get_pentest_jobs(params = {}) ⇒ Types::BatchGetPentestJobsOutput

Retrieves information about one or more pentest jobs in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_pentest_jobs({
  pentest_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.pentest_jobs #=> Array
resp.pentest_jobs[0].pentest_job_id #=> String
resp.pentest_jobs[0].pentest_id #=> String
resp.pentest_jobs[0].title #=> String
resp.pentest_jobs[0].overview #=> String
resp.pentest_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_jobs[0].endpoints #=> Array
resp.pentest_jobs[0].endpoints[0].uri #=> String
resp.pentest_jobs[0].actors #=> Array
resp.pentest_jobs[0].actors[0].identifier #=> String
resp.pentest_jobs[0].actors[0].uris #=> Array
resp.pentest_jobs[0].actors[0].uris[0] #=> String
resp.pentest_jobs[0].actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentest_jobs[0].actors[0].authentication.value #=> String
resp.pentest_jobs[0].actors[0].description #=> String
resp.pentest_jobs[0].documents #=> Array
resp.pentest_jobs[0].documents[0].s3_location #=> String
resp.pentest_jobs[0].documents[0].artifact_id #=> String
resp.pentest_jobs[0].source_code #=> Array
resp.pentest_jobs[0].source_code[0].s3_location #=> String
resp.pentest_jobs[0].exclude_paths #=> Array
resp.pentest_jobs[0].exclude_paths[0].uri #=> String
resp.pentest_jobs[0].allowed_domains #=> Array
resp.pentest_jobs[0].allowed_domains[0].uri #=> String
resp.pentest_jobs[0].exclude_risk_types #=> Array
resp.pentest_jobs[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentest_jobs[0].steps #=> Array
resp.pentest_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
resp.pentest_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.pentest_jobs[0].steps[0].created_at #=> Time
resp.pentest_jobs[0].steps[0].updated_at #=> Time
resp.pentest_jobs[0].execution_context #=> Array
resp.pentest_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.pentest_jobs[0].execution_context[0].context #=> String
resp.pentest_jobs[0].execution_context[0].timestamp #=> Time
resp.pentest_jobs[0].service_role #=> String
resp.pentest_jobs[0].log_config.log_group #=> String
resp.pentest_jobs[0].log_config.log_stream #=> String
resp.pentest_jobs[0].vpc_config.vpc_arn #=> String
resp.pentest_jobs[0].vpc_config.security_group_arns #=> Array
resp.pentest_jobs[0].vpc_config.security_group_arns[0] #=> String
resp.pentest_jobs[0].vpc_config.subnet_arns #=> Array
resp.pentest_jobs[0].vpc_config.subnet_arns[0] #=> String
resp.pentest_jobs[0].network_traffic_config.rules #=> Array
resp.pentest_jobs[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentest_jobs[0].network_traffic_config.rules[0].pattern #=> String
resp.pentest_jobs[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentest_jobs[0].network_traffic_config.custom_headers #=> Array
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentest_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.pentest_jobs[0].error_information.message #=> String
resp.pentest_jobs[0].integrated_repositories #=> Array
resp.pentest_jobs[0].integrated_repositories[0].integration_id #=> String
resp.pentest_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.pentest_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentest_jobs[0].created_at #=> Time
resp.pentest_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_job_ids (required, Array<String>)

    The list of pentest job identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentest jobs.

Returns:

See Also:



1117
1118
1119
1120
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1117

def batch_get_pentest_jobs(params = {}, options = {})
  req = build_request(:batch_get_pentest_jobs, params)
  req.send_request(options)
end

#batch_get_pentests(params = {}) ⇒ Types::BatchGetPentestsOutput

Retrieves information about one or more pentests in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.pentests #=> Array
resp.pentests[0].pentest_id #=> String
resp.pentests[0].agent_space_id #=> String
resp.pentests[0].title #=> String
resp.pentests[0].assets.endpoints #=> Array
resp.pentests[0].assets.endpoints[0].uri #=> String
resp.pentests[0].assets.actors #=> Array
resp.pentests[0].assets.actors[0].identifier #=> String
resp.pentests[0].assets.actors[0].uris #=> Array
resp.pentests[0].assets.actors[0].uris[0] #=> String
resp.pentests[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentests[0].assets.actors[0].authentication.value #=> String
resp.pentests[0].assets.actors[0].description #=> String
resp.pentests[0].assets.documents #=> Array
resp.pentests[0].assets.documents[0].s3_location #=> String
resp.pentests[0].assets.documents[0].artifact_id #=> String
resp.pentests[0].assets.source_code #=> Array
resp.pentests[0].assets.source_code[0].s3_location #=> String
resp.pentests[0].assets.integrated_repositories #=> Array
resp.pentests[0].assets.integrated_repositories[0].integration_id #=> String
resp.pentests[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.pentests[0].exclude_risk_types #=> Array
resp.pentests[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentests[0].service_role #=> String
resp.pentests[0].log_config.log_group #=> String
resp.pentests[0].log_config.log_stream #=> String
resp.pentests[0].vpc_config.vpc_arn #=> String
resp.pentests[0].vpc_config.security_group_arns #=> Array
resp.pentests[0].vpc_config.security_group_arns[0] #=> String
resp.pentests[0].vpc_config.subnet_arns #=> Array
resp.pentests[0].vpc_config.subnet_arns[0] #=> String
resp.pentests[0].network_traffic_config.rules #=> Array
resp.pentests[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentests[0].network_traffic_config.rules[0].pattern #=> String
resp.pentests[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentests[0].network_traffic_config.custom_headers #=> Array
resp.pentests[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentests[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentests[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentests[0].created_at #=> Time
resp.pentests[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_ids (required, Array<String>)

    The list of pentest identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentests.

Returns:

See Also:



1192
1193
1194
1195
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1192

def batch_get_pentests(params = {}, options = {})
  req = build_request(:batch_get_pentests, params)
  req.send_request(options)
end

#batch_get_target_domains(params = {}) ⇒ Types::BatchGetTargetDomainsOutput

Retrieves information about one or more target domains.

Examples:

Request syntax with placeholder values


resp = client.batch_get_target_domains({
  target_domain_ids: ["String"], # required
})

Response structure


resp.target_domains #=> Array
resp.target_domains[0].target_domain_id #=> String
resp.target_domains[0].domain_name #=> String
resp.target_domains[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.target_domains[0].verification_status_reason #=> String
resp.target_domains[0].verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.target_domains[0].verification_details.dns_txt.token #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_name #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.target_domains[0].verification_details.http_route.token #=> String
resp.target_domains[0].verification_details.http_route.route_path #=> String
resp.target_domains[0].created_at #=> Time
resp.target_domains[0].verified_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_ids (required, Array<String>)

    The list of target domain identifiers to retrieve.

Returns:

See Also:



1235
1236
1237
1238
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1235

def batch_get_target_domains(params = {}, options = {})
  req = build_request(:batch_get_target_domains, params)
  req.send_request(options)
end

#create_agent_space(params = {}) ⇒ Types::CreateAgentSpaceOutput

Creates a new agent space. An agent space is a dedicated workspace for securing a specific application.

Examples:

Request syntax with placeholder values


resp = client.create_agent_space({
  name: "AgentName", # required
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.kms_key_id #=> String
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :name (required, String)

    The name of the agent space.

  • :description (String)

    A description of the agent space.

  • :aws_resources (Types::AWSResources)

    The AWS resources to associate with the agent space.

  • :target_domain_ids (Array<String>)

    The list of target domain identifiers to associate with the agent space.

  • :code_review_settings (Types::CodeReviewSettings)

    The code review settings for the agent space.

  • :kms_key_id (String)

    The identifier of the AWS KMS key to use for encrypting data in the agent space.

  • :tags (Hash<String,String>)

    The tags to associate with the agent space.

Returns:

See Also:



1341
1342
1343
1344
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1341

def create_agent_space(params = {}, options = {})
  req = build_request(:create_agent_space, params)
  req.send_request(options)
end

#create_application(params = {}) ⇒ Types::CreateApplicationResponse

Creates a new application. An application is the top-level organizational unit that supports IAM Identity Center integration.

Examples:

Request syntax with placeholder values


resp = client.create_application({
  idc_instance_arn: "IdCInstanceArn",
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.application_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :idc_instance_arn (String)

    The Amazon Resource Name (ARN) of the IAM Identity Center instance to associate with the application.

  • :role_arn (String)

    The Amazon Resource Name (ARN) of the IAM role to associate with the application.

  • :default_kms_key_id (String)

    The identifier of the default AWS KMS key to use for encrypting data in the application.

  • :tags (Hash<String,String>)

    The tags to associate with the application.

Returns:

See Also:



1387
1388
1389
1390
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1387

def create_application(params = {}, options = {})
  req = build_request(:create_application, params)
  req.send_request(options)
end

#create_code_review(params = {}) ⇒ Types::CreateCodeReviewOutput

Creates a new code review configuration in an agent space. A code review defines the parameters for automated security-focused code analysis.

Examples:

Request syntax with placeholder values


resp = client.create_code_review({
  title: "String", # required
  agent_space_id: "String", # required
  assets: { # required
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :title (required, String)

    The title of the code review.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to create the code review in.

  • :assets (required, Types::Assets)

    The assets to include in the code review, such as documents and source code.

  • :service_role (String)

    The IAM service role to use for the code review.

  • :log_config (Types::CloudWatchLog)

    The CloudWatch Logs configuration for the code review.

  • :code_remediation_strategy (String)

    The code remediation strategy for the code review. Valid values are AUTOMATIC and DISABLED.

Returns:

See Also:



1509
1510
1511
1512
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1509

def create_code_review(params = {}, options = {})
  req = build_request(:create_code_review, params)
  req.send_request(options)
end

#create_integration(params = {}) ⇒ Types::CreateIntegrationOutput

Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.

Examples:

Request syntax with placeholder values


resp = client.create_integration({
  provider: "GITHUB", # required, accepts GITHUB
  input: { # required
    github: {
      code: "AuthCode", # required
      state: "CsrfState", # required
      organization_name: "String",
    },
  },
  integration_display_name: "String", # required
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.integration_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :provider (required, String)

    The integration provider. Currently, only GITHUB is supported.

  • :input (required, Types::ProviderInput)

    The provider-specific input required to create the integration.

  • :integration_display_name (required, String)

    The display name for the integration.

  • :kms_key_id (String)

    The identifier of the AWS KMS key to use for encrypting data associated with the integration.

  • :tags (Hash<String,String>)

    The tags to associate with the integration.

Returns:

See Also:



1563
1564
1565
1566
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1563

def create_integration(params = {}, options = {})
  req = build_request(:create_integration, params)
  req.send_request(options)
end

#create_membership(params = {}) ⇒ Struct

Creates a new membership, granting a user access to an agent space within an application.

Examples:

Request syntax with placeholder values


resp = client.create_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # required, accepts USER
  config: {
    user: {
      role: "MEMBER", # accepts MEMBER
    },
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application that contains the agent space.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to grant access to.

  • :membership_id (required, String)

    The unique identifier for the membership.

  • :member_type (required, String)

    The type of member. Currently, only USER is supported.

  • :config (Types::MembershipConfig)

    The configuration for the membership, such as the user role.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1607
1608
1609
1610
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1607

def create_membership(params = {}, options = {})
  req = build_request(:create_membership, params)
  req.send_request(options)
end

#create_pentest(params = {}) ⇒ Types::CreatePentestOutput

Creates a new pentest configuration in an agent space. A pentest defines the security test parameters, including target assets, risk type exclusions, and logging configuration.

Examples:

Request syntax with placeholder values


resp = client.create_pentest({
  title: "String", # required
  agent_space_id: "String", # required
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :title (required, String)

    The title of the pentest.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to create the pentest in.

  • :assets (Types::Assets)

    The assets to include in the pentest, such as endpoints, actors, documents, and source code.

  • :exclude_risk_types (Array<String>)

    The list of risk types to exclude from the pentest.

  • :service_role (String)

    The IAM service role to use for the pentest.

  • :log_config (Types::CloudWatchLog)

    The CloudWatch Logs configuration for the pentest.

  • :vpc_config (Types::VpcConfig)

    The VPC configuration for the pentest.

  • :network_traffic_config (Types::NetworkTrafficConfig)

    The network traffic configuration for the pentest, including custom headers and traffic rules.

  • :code_remediation_strategy (String)

    The code remediation strategy for the pentest. Valid values are AUTOMATIC and DISABLED.

Returns:

See Also:



1761
1762
1763
1764
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1761

def create_pentest(params = {}, options = {})
  req = build_request(:create_pentest, params)
  req.send_request(options)
end

#create_target_domain(params = {}) ⇒ Types::CreateTargetDomainOutput

Creates a new target domain for penetration testing. A target domain is a web domain that must be registered and verified before it can be tested.

Examples:

Request syntax with placeholder values


resp = client.create_target_domain({
  target_domain_name: "String", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_name (required, String)

    The domain name to register as a target domain.

  • :verification_method (required, String)

    The method to use for verifying domain ownership. Valid values are DNS_TXT, HTTP_ROUTE, and PRIVATE_VPC.

  • :tags (Hash<String,String>)

    The tags to associate with the target domain.

Returns:

See Also:



1819
1820
1821
1822
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1819

def create_target_domain(params = {}, options = {})
  req = build_request(:create_target_domain, params)
  req.send_request(options)
end

#delete_agent_space(params = {}) ⇒ Types::DeleteAgentSpaceOutput

Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.

Examples:

Request syntax with placeholder values


resp = client.delete_agent_space({
  agent_space_id: "AgentSpaceId", # required
})

Response structure


resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to delete.

Returns:

See Also:



1848
1849
1850
1851
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1848

def delete_agent_space(params = {}, options = {})
  req = build_request(:delete_agent_space, params)
  req.send_request(options)
end

#delete_application(params = {}) ⇒ Struct

Deletes an application and its associated configuration, including IAM Identity Center settings.

Examples:

Request syntax with placeholder values


resp = client.delete_application({
  application_id: "ApplicationId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application to delete.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1871
1872
1873
1874
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1871

def delete_application(params = {}, options = {})
  req = build_request(:delete_application, params)
  req.send_request(options)
end

#delete_artifact(params = {}) ⇒ Struct

Deletes an artifact from an agent space.

Examples:

Request syntax with placeholder values


resp = client.delete_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the artifact.

  • :artifact_id (required, String)

    The unique identifier of the artifact to delete.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1897
1898
1899
1900
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1897

def delete_artifact(params = {}, options = {})
  req = build_request(:delete_artifact, params)
  req.send_request(options)
end

#delete_integration(params = {}) ⇒ Struct

Deletes an integration with a third-party provider.

Examples:

Request syntax with placeholder values


resp = client.delete_integration({
  integration_id: "IntegrationId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :integration_id (required, String)

    The unique identifier of the integration to delete.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1919
1920
1921
1922
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1919

def delete_integration(params = {}, options = {})
  req = build_request(:delete_integration, params)
  req.send_request(options)
end

#delete_membership(params = {}) ⇒ Struct

Deletes a membership, revoking a user's access to an agent space.

Examples:

Request syntax with placeholder values


resp = client.delete_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # accepts USER
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application that contains the agent space.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to revoke access from.

  • :membership_id (required, String)

    The unique identifier of the membership to delete.

  • :member_type (String)

    The type of member to remove.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1954
1955
1956
1957
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1954

def delete_membership(params = {}, options = {})
  req = build_request(:delete_membership, params)
  req.send_request(options)
end

#delete_target_domain(params = {}) ⇒ Types::DeleteTargetDomainOutput

Deletes a target domain registration. After deletion, the domain can no longer be used for penetration testing.

Examples:

Request syntax with placeholder values


resp = client.delete_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure


resp.target_domain_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_id (required, String)

    The unique identifier of the target domain to delete.

Returns:

See Also:



1983
1984
1985
1986
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1983

def delete_target_domain(params = {}, options = {})
  req = build_request(:delete_target_domain, params)
  req.send_request(options)
end

#get_application(params = {}) ⇒ Types::GetApplicationResponse

Retrieves information about an application.

Examples:

Request syntax with placeholder values


resp = client.get_application({
  application_id: "ApplicationId", # required
})

Response structure


resp.application_id #=> String
resp.domain #=> String
resp.application_name #=> String
resp.idc_configuration.idc_application_arn #=> String
resp.idc_configuration.idc_instance_arn #=> String
resp.role_arn #=> String
resp.default_kms_key_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application to retrieve.

Returns:

See Also:



2022
2023
2024
2025
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2022

def get_application(params = {}, options = {})
  req = build_request(:get_application, params)
  req.send_request(options)
end

#get_artifact(params = {}) ⇒ Types::GetArtifactOutput

Retrieves an artifact from an agent space.

Examples:

Request syntax with placeholder values


resp = client.get_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Response structure


resp.agent_space_id #=> String
resp.artifact_id #=> String
resp.artifact.contents #=> String
resp.artifact.type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.file_name #=> String
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the artifact.

  • :artifact_id (required, String)

    The unique identifier of the artifact to retrieve.

Returns:

See Also:



2063
2064
2065
2066
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2063

def get_artifact(params = {}, options = {})
  req = build_request(:get_artifact, params)
  req.send_request(options)
end

#get_integration(params = {}) ⇒ Types::GetIntegrationOutput

Retrieves information about an integration.

Examples:

Request syntax with placeholder values


resp = client.get_integration({
  integration_id: "IntegrationId", # required
})

Response structure


resp.integration_id #=> String
resp.installation_id #=> String
resp.provider #=> String, one of "GITHUB"
resp.provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.display_name #=> String
resp.kms_key_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :integration_id (required, String)

    The unique identifier of the integration to retrieve.

Returns:

See Also:



2101
2102
2103
2104
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2101

def get_integration(params = {}, options = {})
  req = build_request(:get_integration, params)
  req.send_request(options)
end

#initiate_provider_registration(params = {}) ⇒ Types::InitiateProviderRegistrationOutput

Initiates the OAuth registration flow with a third-party provider. Returns a redirect URL and CSRF state token for completing the authorization.

Examples:

Request syntax with placeholder values


resp = client.initiate_provider_registration({
  provider: "GITHUB", # required, accepts GITHUB
})

Response structure


resp.redirect_to #=> String
resp.csrf_state #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :provider (required, String)

    The provider to initiate registration with. Currently, only GITHUB is supported.

Returns:

See Also:



2134
2135
2136
2137
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2134

def initiate_provider_registration(params = {}, options = {})
  req = build_request(:initiate_provider_registration, params)
  req.send_request(options)
end

#list_agent_spaces(params = {}) ⇒ Types::ListAgentSpacesOutput

Returns a paginated list of agent space summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_agent_spaces({
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.agent_space_summaries #=> Array
resp.agent_space_summaries[0].agent_space_id #=> String
resp.agent_space_summaries[0].name #=> String
resp.agent_space_summaries[0].created_at #=> Time
resp.agent_space_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2177
2178
2179
2180
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2177

def list_agent_spaces(params = {}, options = {})
  req = build_request(:list_agent_spaces, params)
  req.send_request(options)
end

#list_applications(params = {}) ⇒ Types::ListApplicationsResponse

Returns a paginated list of application summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_applications({
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.application_summaries #=> Array
resp.application_summaries[0].application_id #=> String
resp.application_summaries[0].application_name #=> String
resp.application_summaries[0].domain #=> String
resp.application_summaries[0].default_kms_key_id #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2220
2221
2222
2223
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2220

def list_applications(params = {}, options = {})
  req = build_request(:list_applications, params)
  req.send_request(options)
end

#list_artifacts(params = {}) ⇒ Types::ListArtifactsOutput

Returns a paginated list of artifact summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_artifacts({
  agent_space_id: "AgentSpaceId", # required
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.artifact_summaries #=> Array
resp.artifact_summaries[0].artifact_id #=> String
resp.artifact_summaries[0].file_name #=> String
resp.artifact_summaries[0].artifact_type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list artifacts for.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2267
2268
2269
2270
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2267

def list_artifacts(params = {}, options = {})
  req = build_request(:list_artifacts, params)
  req.send_request(options)
end

#list_code_review_job_tasks(params = {}) ⇒ Types::ListCodeReviewJobTasksOutput

Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_code_review_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  code_review_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
  category_name: "String",
  next_token: "NextToken",
})

Response structure


resp.code_review_job_task_summaries #=> Array
resp.code_review_job_task_summaries[0].task_id #=> String
resp.code_review_job_task_summaries[0].code_review_id #=> String
resp.code_review_job_task_summaries[0].code_review_job_id #=> String
resp.code_review_job_task_summaries[0].agent_space_id #=> String
resp.code_review_job_task_summaries[0].title #=> String
resp.code_review_job_task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_task_summaries[0].created_at #=> Time
resp.code_review_job_task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :code_review_job_id (String)

    The unique identifier of the code review job to list tasks for.

  • :step_name (String)

    Filter tasks by step name.

  • :category_name (String)

    Filter tasks by category name.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2332
2333
2334
2335
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2332

def list_code_review_job_tasks(params = {}, options = {})
  req = build_request(:list_code_review_job_tasks, params)
  req.send_request(options)
end

#list_code_review_jobs_for_code_review(params = {}) ⇒ Types::ListCodeReviewJobsForCodeReviewOutput

Returns a paginated list of code review job summaries for the specified code review configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_code_review_jobs_for_code_review({
  max_results: 1,
  code_review_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure


resp.code_review_job_summaries #=> Array
resp.code_review_job_summaries[0].code_review_job_id #=> String
resp.code_review_job_summaries[0].code_review_id #=> String
resp.code_review_job_summaries[0].title #=> String
resp.code_review_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_job_summaries[0].created_at #=> Time
resp.code_review_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :code_review_id (required, String)

    The unique identifier of the code review to list jobs for.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2386
2387
2388
2389
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2386

def list_code_review_jobs_for_code_review(params = {}, options = {})
  req = build_request(:list_code_review_jobs_for_code_review, params)
  req.send_request(options)
end

#list_code_reviews(params = {}) ⇒ Types::ListCodeReviewsOutput

Returns a paginated list of code review summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_code_reviews({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure


resp.code_review_summaries #=> Array
resp.code_review_summaries[0].code_review_id #=> String
resp.code_review_summaries[0].agent_space_id #=> String
resp.code_review_summaries[0].title #=> String
resp.code_review_summaries[0].created_at #=> Time
resp.code_review_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list code reviews for.

Returns:

See Also:



2435
2436
2437
2438
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2435

def list_code_reviews(params = {}, options = {})
  req = build_request(:list_code_reviews, params)
  req.send_request(options)
end

#list_discovered_endpoints(params = {}) ⇒ Types::ListDiscoveredEndpointsOutput

Returns a paginated list of endpoints discovered during a pentest job execution.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_discovered_endpoints({
  max_results: 1,
  pentest_job_id: "String", # required
  agent_space_id: "String", # required
  prefix: "String",
  next_token: "NextToken",
})

Response structure


resp.discovered_endpoints #=> Array
resp.discovered_endpoints[0].uri #=> String
resp.discovered_endpoints[0].pentest_job_id #=> String
resp.discovered_endpoints[0].task_id #=> String
resp.discovered_endpoints[0].agent_space_id #=> String
resp.discovered_endpoints[0].evidence #=> String
resp.discovered_endpoints[0].operation #=> String
resp.discovered_endpoints[0].description #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_job_id (required, String)

    The unique identifier of the pentest job to list discovered endpoints for.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :prefix (String)

    A prefix to filter discovered endpoints by URI.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2495
2496
2497
2498
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2495

def list_discovered_endpoints(params = {}, options = {})
  req = build_request(:list_discovered_endpoints, params)
  req.send_request(options)
end

#list_findings(params = {}) ⇒ Types::ListFindingsOutput

Lists the security findings for a pentest job.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_findings({
  max_results: 1,
  pentest_job_id: "String",
  code_review_job_id: "String",
  agent_space_id: "String", # required
  next_token: "NextToken",
  risk_type: "String",
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
  confidence: "FALSE_POSITIVE", # accepts FALSE_POSITIVE, UNCONFIRMED, LOW, MEDIUM, HIGH
  name: "String",
})

Response structure


resp.findings_summaries #=> Array
resp.findings_summaries[0].finding_id #=> String
resp.findings_summaries[0].agent_space_id #=> String
resp.findings_summaries[0].pentest_id #=> String
resp.findings_summaries[0].pentest_job_id #=> String
resp.findings_summaries[0].code_review_id #=> String
resp.findings_summaries[0].code_review_job_id #=> String
resp.findings_summaries[0].name #=> String
resp.findings_summaries[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings_summaries[0].risk_type #=> String
resp.findings_summaries[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings_summaries[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings_summaries[0].created_at #=> Time
resp.findings_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_job_id (String)

    The unique identifier of the pentest job to list findings for.

  • :code_review_job_id (String)

    The unique identifier of the code review job to list findings for. Mutually exclusive with pentestJobId.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :risk_type (String)

    Filter findings by risk type.

  • :risk_level (String)

    Filter findings by risk level.

  • :status (String)

    Filter findings by status.

  • :confidence (String)

    Filter findings by confidence level.

  • :name (String)

    Filter findings by name.

Returns:

See Also:



2580
2581
2582
2583
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2580

def list_findings(params = {}, options = {})
  req = build_request(:list_findings, params)
  req.send_request(options)
end

#list_integrated_resources(params = {}) ⇒ Types::ListIntegratedResourcesOutput

Lists the integrated resources for an agent space, optionally filtered by integration or resource type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId",
  resource_type: "CODE_REPOSITORY", # accepts CODE_REPOSITORY
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.integrated_resource_summaries #=> Array
resp.integrated_resource_summaries[0].integration_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.name #=> String
resp.integrated_resource_summaries[0].resource.github_repository.provider_resource_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.owner #=> String
resp.integrated_resource_summaries[0].resource.github_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
resp.integrated_resource_summaries[0].capabilities.github.leave_comments #=> Boolean
resp.integrated_resource_summaries[0].capabilities.github.remediate_code #=> Boolean
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list integrated resources for.

  • :integration_id (String)

    The unique identifier of the integration to filter by.

  • :resource_type (String)

    The type of resource to filter by.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2640
2641
2642
2643
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2640

def list_integrated_resources(params = {}, options = {})
  req = build_request(:list_integrated_resources, params)
  req.send_request(options)
end

#list_integrations(params = {}) ⇒ Types::ListIntegrationsOutput

Lists the integrations in your account, optionally filtered by provider or provider type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_integrations({
  filter: {
    provider: "GITHUB", # accepts GITHUB
    provider_type: "SOURCE_CODE", # accepts SOURCE_CODE, DOCUMENTATION
  },
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.integration_summaries #=> Array
resp.integration_summaries[0].integration_id #=> String
resp.integration_summaries[0].installation_id #=> String
resp.integration_summaries[0].provider #=> String, one of "GITHUB"
resp.integration_summaries[0].provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.integration_summaries[0].display_name #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :filter (Types::IntegrationFilter)

    A filter to apply to the list of integrations.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2692
2693
2694
2695
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2692

def list_integrations(params = {}, options = {})
  req = build_request(:list_integrations, params)
  req.send_request(options)
end

#list_memberships(params = {}) ⇒ Types::ListMembershipsResponse

Returns a paginated list of membership summaries for the specified agent space within an application.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_memberships({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  member_type: "USER", # accepts USER, ALL
  max_results: 1,
  next_token: "NextToken",
})

Response structure


resp.membership_summaries #=> Array
resp.membership_summaries[0].membership_id #=> String
resp.membership_summaries[0].application_id #=> String
resp.membership_summaries[0].agent_space_id #=> String
resp.membership_summaries[0].member_type #=> String, one of "USER"
resp.membership_summaries[0].config.user.role #=> String, one of "MEMBER"
resp.membership_summaries[0].metadata.user.username #=> String
resp.membership_summaries[0].metadata.user.email #=> String
resp.membership_summaries[0].created_at #=> Time
resp.membership_summaries[0].updated_at #=> Time
resp.membership_summaries[0].created_by #=> String
resp.membership_summaries[0].updated_by #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application that contains the agent space.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list memberships for.

  • :member_type (String)

    Filter memberships by member type.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2756
2757
2758
2759
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2756

def list_memberships(params = {}, options = {})
  req = build_request(:list_memberships, params)
  req.send_request(options)
end

#list_pentest_job_tasks(params = {}) ⇒ Types::ListPentestJobTasksOutput

Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_pentest_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  pentest_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
  category_name: "String",
  next_token: "NextToken",
})

Response structure


resp.task_summaries #=> Array
resp.task_summaries[0].task_id #=> String
resp.task_summaries[0].pentest_id #=> String
resp.task_summaries[0].pentest_job_id #=> String
resp.task_summaries[0].agent_space_id #=> String
resp.task_summaries[0].title #=> String
resp.task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.task_summaries[0].created_at #=> Time
resp.task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_job_id (String)

    The unique identifier of the pentest job to list tasks for.

  • :step_name (String)

    Filter tasks by step name. Valid values include PREFLIGHT, STATIC_ANALYSIS, PENTEST, and FINALIZING.

  • :category_name (String)

    Filter tasks by category name.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2822
2823
2824
2825
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2822

def list_pentest_job_tasks(params = {}, options = {})
  req = build_request(:list_pentest_job_tasks, params)
  req.send_request(options)
end

#list_pentest_jobs_for_pentest(params = {}) ⇒ Types::ListPentestJobsForPentestOutput

Returns a paginated list of pentest job summaries for the specified pentest configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_pentest_jobs_for_pentest({
  max_results: 1,
  pentest_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure


resp.pentest_job_summaries #=> Array
resp.pentest_job_summaries[0].pentest_job_id #=> String
resp.pentest_job_summaries[0].pentest_id #=> String
resp.pentest_job_summaries[0].title #=> String
resp.pentest_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_job_summaries[0].created_at #=> Time
resp.pentest_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_id (required, String)

    The unique identifier of the pentest to list jobs for.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2876
2877
2878
2879
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2876

def list_pentest_jobs_for_pentest(params = {}, options = {})
  req = build_request(:list_pentest_jobs_for_pentest, params)
  req.send_request(options)
end

#list_pentests(params = {}) ⇒ Types::ListPentestsOutput

Returns a paginated list of pentest summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_pentests({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure


resp.pentest_summaries #=> Array
resp.pentest_summaries[0].pentest_id #=> String
resp.pentest_summaries[0].agent_space_id #=> String
resp.pentest_summaries[0].title #=> String
resp.pentest_summaries[0].created_at #=> Time
resp.pentest_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list pentests for.

Returns:

See Also:



2925
2926
2927
2928
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2925

def list_pentests(params = {}, options = {})
  req = build_request(:list_pentests, params)
  req.send_request(options)
end

#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceOutput

Returns the tags associated with the specified resource.

Examples:

Request syntax with placeholder values


resp = client.list_tags_for_resource({
  resource_arn: "ResourceArn", # required
})

Response structure


resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the resource to list tags for.

Returns:

See Also:



2954
2955
2956
2957
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2954

def list_tags_for_resource(params = {}, options = {})
  req = build_request(:list_tags_for_resource, params)
  req.send_request(options)
end

#list_target_domains(params = {}) ⇒ Types::ListTargetDomainsOutput

Returns a paginated list of target domain summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_target_domains({
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.target_domain_summaries #=> Array
resp.target_domain_summaries[0].target_domain_id #=> String
resp.target_domain_summaries[0].domain_name #=> String
resp.target_domain_summaries[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2996
2997
2998
2999
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2996

def list_target_domains(params = {}, options = {})
  req = build_request(:list_target_domains, params)
  req.send_request(options)
end

#start_code_remediation(params = {}) ⇒ Struct

Initiates code remediation for one or more security findings. This creates pull requests in integrated repositories to fix the identified vulnerabilities.

Examples:

Request syntax with placeholder values


resp = client.start_code_remediation({
  agent_space_id: "String", # required
  pentest_job_id: "String",
  code_review_job_id: "String",
  finding_ids: ["String"], # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :pentest_job_id (String)

    The unique identifier of the pentest job that produced the findings. Mutually exclusive with codeReviewJobId.

  • :code_review_job_id (String)

    The unique identifier of the code review job that produced the findings. Mutually exclusive with pentestJobId.

  • :finding_ids (required, Array<String>)

    The list of finding identifiers to initiate code remediation for.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3034
3035
3036
3037
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3034

def start_code_remediation(params = {}, options = {})
  req = build_request(:start_code_remediation, params)
  req.send_request(options)
end

#start_code_review_job(params = {}) ⇒ Types::StartCodeReviewJobOutput

Starts a new code review job for a code review configuration. The job executes the security-focused code analysis defined in the code review.

Examples:

Request syntax with placeholder values


resp = client.start_code_review_job({
  agent_space_id: "String", # required
  code_review_id: "String", # required
})

Response structure


resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.code_review_id #=> String
resp.code_review_job_id #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :code_review_id (required, String)

    The unique identifier of the code review to start a job for.

Returns:

See Also:



3080
3081
3082
3083
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3080

def start_code_review_job(params = {}, options = {})
  req = build_request(:start_code_review_job, params)
  req.send_request(options)
end

#start_pentest_job(params = {}) ⇒ Types::StartPentestJobOutput

Starts a new pentest job for a pentest configuration. The job executes the security tests defined in the pentest.

Examples:

Request syntax with placeholder values


resp = client.start_pentest_job({
  agent_space_id: "String", # required
  pentest_id: "String", # required
})

Response structure


resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.pentest_id #=> String
resp.pentest_job_id #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :pentest_id (required, String)

    The unique identifier of the pentest to start a job for.

Returns:

See Also:



3125
3126
3127
3128
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3125

def start_pentest_job(params = {}, options = {})
  req = build_request(:start_pentest_job, params)
  req.send_request(options)
end

#stop_code_review_job(params = {}) ⇒ Struct

Stops a running code review job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values


resp = client.stop_code_review_job({
  agent_space_id: "String", # required
  code_review_job_id: "String", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :code_review_job_id (required, String)

    The unique identifier of the code review job to stop.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3152
3153
3154
3155
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3152

def stop_code_review_job(params = {}, options = {})
  req = build_request(:stop_code_review_job, params)
  req.send_request(options)
end

#stop_pentest_job(params = {}) ⇒ Struct

Stops a running pentest job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values


resp = client.stop_pentest_job({
  agent_space_id: "String", # required
  pentest_job_id: "String", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :pentest_job_id (required, String)

    The unique identifier of the pentest job to stop.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3179
3180
3181
3182
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3179

def stop_pentest_job(params = {}, options = {})
  req = build_request(:stop_pentest_job, params)
  req.send_request(options)
end

#tag_resource(params = {}) ⇒ Struct

Adds tags to a resource.

Examples:

Request syntax with placeholder values


resp = client.tag_resource({
  resource_arn: "ResourceArn", # required
  tags: { # required
    "TagKey" => "TagValue",
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the resource to tag.

  • :tags (required, Hash<String,String>)

    The tags to add to the resource.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3207
3208
3209
3210
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3207

def tag_resource(params = {}, options = {})
  req = build_request(:tag_resource, params)
  req.send_request(options)
end

#untag_resource(params = {}) ⇒ Struct

Removes tags from a resource.

Examples:

Request syntax with placeholder values


resp = client.untag_resource({
  resource_arn: "ResourceArn", # required
  tag_keys: ["TagKey"], # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the resource to remove tags from.

  • :tag_keys (required, Array<String>)

    The list of tag keys to remove from the resource.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3233
3234
3235
3236
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3233

def untag_resource(params = {}, options = {})
  req = build_request(:untag_resource, params)
  req.send_request(options)
end

#update_agent_space(params = {}) ⇒ Types::UpdateAgentSpaceOutput

Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.

Examples:

Request syntax with placeholder values


resp = client.update_agent_space({
  agent_space_id: "AgentSpaceId", # required
  name: "AgentName",
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
})

Response structure


resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to update.

  • :name (String)

    The updated name of the agent space.

  • :description (String)

    The updated description of the agent space.

  • :aws_resources (Types::AWSResources)

    The updated AWS resources to associate with the agent space.

  • :target_domain_ids (Array<String>)

    The updated list of target domain identifiers to associate with the agent space.

  • :code_review_settings (Types::CodeReviewSettings)

    The updated code review settings for the agent space.

Returns:

See Also:



3331
3332
3333
3334
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3331

def update_agent_space(params = {}, options = {})
  req = build_request(:update_agent_space, params)
  req.send_request(options)
end

#update_application(params = {}) ⇒ Types::UpdateApplicationResponse

Updates the configuration of an existing application, including the IAM role and default KMS key.

Examples:

Request syntax with placeholder values


resp = client.update_application({
  application_id: "ApplicationId", # required
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
})

Response structure


resp.application_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application to update.

  • :role_arn (String)

    The updated Amazon Resource Name (ARN) of the IAM role for the application.

  • :default_kms_key_id (String)

    The updated identifier of the default AWS KMS key for the application.

Returns:

See Also:



3369
3370
3371
3372
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3369

def update_application(params = {}, options = {})
  req = build_request(:update_application, params)
  req.send_request(options)
end

#update_code_review(params = {}) ⇒ Types::UpdateCodeReviewOutput

Updates an existing code review configuration.

Examples:

Request syntax with placeholder values


resp = client.update_code_review({
  code_review_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_id (required, String)

    The unique identifier of the code review to update.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code review.

  • :title (String)

    The updated title of the code review.

  • :assets (Types::Assets)

    The updated assets for the code review.

  • :service_role (String)

    The updated IAM service role for the code review.

  • :log_config (Types::CloudWatchLog)

    The updated CloudWatch Logs configuration for the code review.

  • :code_remediation_strategy (String)

    The updated code remediation strategy for the code review.

Returns:

See Also:



3492
3493
3494
3495
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3492

def update_code_review(params = {}, options = {})
  req = build_request(:update_code_review, params)
  req.send_request(options)
end

#update_finding(params = {}) ⇒ Struct

Updates the status or risk level of a security finding.

Examples:

Request syntax with placeholder values


resp = client.update_finding({
  finding_id: "String", # required
  agent_space_id: "String", # required
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_id (required, String)

    The unique identifier of the finding to update.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the finding.

  • :risk_level (String)

    The updated risk level for the finding.

  • :status (String)

    The updated status for the finding.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3526
3527
3528
3529
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3526

def update_finding(params = {}, options = {})
  req = build_request(:update_finding, params)
  req.send_request(options)
end

#update_integrated_resources(params = {}) ⇒ Struct

Updates the integrated resources for an agent space, including their capabilities.

Examples:

Request syntax with placeholder values


resp = client.update_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId", # required
  items: [ # required
    {
      resource: { # required
        github_repository: {
          name: "ProviderResourceName", # required
          owner: "GitHubOwner", # required
        },
      },
      capabilities: {
        github: {
          leave_comments: false,
          remediate_code: false,
        },
      },
    },
  ],
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :integration_id (required, String)

    The unique identifier of the integration.

  • :items (required, Array<Types::IntegratedResourceInputItem>)

    The list of integrated resource items to update.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3572
3573
3574
3575
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3572

def update_integrated_resources(params = {}, options = {})
  req = build_request(:update_integrated_resources, params)
  req.send_request(options)
end

#update_pentest(params = {}) ⇒ Types::UpdatePentestOutput

Updates an existing pentest configuration.

Examples:

Request syntax with placeholder values


resp = client.update_pentest({
  pentest_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_id (required, String)

    The unique identifier of the pentest to update.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentest.

  • :title (String)

    The updated title of the pentest.

  • :assets (Types::Assets)

    The updated assets for the pentest.

  • :exclude_risk_types (Array<String>)

    The updated list of risk types to exclude from the pentest.

  • :service_role (String)

    The updated IAM service role for the pentest.

  • :log_config (Types::CloudWatchLog)

    The updated CloudWatch Logs configuration for the pentest.

  • :vpc_config (Types::VpcConfig)

    The updated VPC configuration for the pentest.

  • :network_traffic_config (Types::NetworkTrafficConfig)

    The updated network traffic configuration for the pentest.

  • :code_remediation_strategy (String)

    The updated code remediation strategy for the pentest.

Returns:

See Also:



3725
3726
3727
3728
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3725

def update_pentest(params = {}, options = {})
  req = build_request(:update_pentest, params)
  req.send_request(options)
end

#update_target_domain(params = {}) ⇒ Types::UpdateTargetDomainOutput

Updates the verification method for a target domain.

Examples:

Request syntax with placeholder values


resp = client.update_target_domain({
  target_domain_id: "TargetDomainId", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
})

Response structure


resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_id (required, String)

    The unique identifier of the target domain to update.

  • :verification_method (required, String)

    The updated verification method for the target domain.

Returns:

See Also:



3774
3775
3776
3777
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3774

def update_target_domain(params = {}, options = {})
  req = build_request(:update_target_domain, params)
  req.send_request(options)
end

#verify_target_domain(params = {}) ⇒ Types::VerifyTargetDomainOutput

Initiates verification of a target domain. This checks whether the domain ownership verification token has been properly configured.

Examples:

Request syntax with placeholder values


resp = client.verify_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure


resp.target_domain_id #=> String
resp.domain_name #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.verified_at #=> Time
resp.status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_id (required, String)

    The unique identifier of the target domain to verify.

Returns:

See Also:



3815
3816
3817
3818
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3815

def verify_target_domain(params = {}, options = {})
  req = build_request(:verify_target_domain, params)
  req.send_request(options)
end