Class: Aws::SecurityAgent::Client

Inherits:

Seahorse::Client::Base

• Object
• Seahorse::Client::Base
• Aws::SecurityAgent::Client

Includes:

ClientStubs

Defined in:

gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb

Overview

An API client for SecurityAgent. To construct a client, you need to configure a :region and :credentials.

client = Aws::SecurityAgent::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

For details on configuring region and credentials see the developer guide.

See #initialize for a full list of supported configuration options.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations

• #add_artifact(params = {}) ⇒ Types::AddArtifactOutput

  Uploads an artifact to an agent space.

• #batch_delete_code_reviews(params = {}) ⇒ Types::BatchDeleteCodeReviewsOutput

  Deletes one or more code reviews from an agent space.

• #batch_delete_pentests(params = {}) ⇒ Types::BatchDeletePentestsOutput

  Deletes one or more pentests from an agent space.

• #batch_get_agent_spaces(params = {}) ⇒ Types::BatchGetAgentSpacesOutput

  Retrieves information about one or more agent spaces.

• #batch_get_artifact_metadata(params = {}) ⇒ Types::BatchGetArtifactMetadataOutput

  Retrieves metadata for one or more artifacts in an agent space.

• #batch_get_code_review_job_tasks(params = {}) ⇒ Types::BatchGetCodeReviewJobTasksOutput

  Retrieves information about one or more tasks within a code review job.

• #batch_get_code_review_jobs(params = {}) ⇒ Types::BatchGetCodeReviewJobsOutput

  Retrieves information about one or more code review jobs in an agent space.

• #batch_get_code_reviews(params = {}) ⇒ Types::BatchGetCodeReviewsOutput

  Retrieves information about one or more code reviews in an agent space.

• #batch_get_findings(params = {}) ⇒ Types::BatchGetFindingsOutput

  Retrieves information about one or more security findings in an agent space.

• #batch_get_pentest_job_tasks(params = {}) ⇒ Types::BatchGetPentestJobTasksOutput

  Retrieves information about one or more tasks within a pentest job.

• #batch_get_pentest_jobs(params = {}) ⇒ Types::BatchGetPentestJobsOutput

  Retrieves information about one or more pentest jobs in an agent space.

• #batch_get_pentests(params = {}) ⇒ Types::BatchGetPentestsOutput

  Retrieves information about one or more pentests in an agent space.

• #batch_get_target_domains(params = {}) ⇒ Types::BatchGetTargetDomainsOutput

  Retrieves information about one or more target domains.

• #create_agent_space(params = {}) ⇒ Types::CreateAgentSpaceOutput

  Creates a new agent space.

• #create_application(params = {}) ⇒ Types::CreateApplicationResponse

  Creates a new application.

• #create_code_review(params = {}) ⇒ Types::CreateCodeReviewOutput

  Creates a new code review configuration in an agent space.

• #create_integration(params = {}) ⇒ Types::CreateIntegrationOutput

  Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.

• #create_membership(params = {}) ⇒ Struct

  Creates a new membership, granting a user access to an agent space within an application.

• #create_pentest(params = {}) ⇒ Types::CreatePentestOutput

  Creates a new pentest configuration in an agent space.

• #create_target_domain(params = {}) ⇒ Types::CreateTargetDomainOutput

  Creates a new target domain for penetration testing.

• #delete_agent_space(params = {}) ⇒ Types::DeleteAgentSpaceOutput

  Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.

• #delete_application(params = {}) ⇒ Struct

  Deletes an application and its associated configuration, including IAM Identity Center settings.

• #delete_artifact(params = {}) ⇒ Struct

  Deletes an artifact from an agent space.

• #delete_integration(params = {}) ⇒ Struct

  Deletes an integration with a third-party provider.

• #delete_membership(params = {}) ⇒ Struct

  Deletes a membership, revoking a user's access to an agent space.

• #delete_target_domain(params = {}) ⇒ Types::DeleteTargetDomainOutput

  Deletes a target domain registration.

• #get_application(params = {}) ⇒ Types::GetApplicationResponse

  Retrieves information about an application.

• #get_artifact(params = {}) ⇒ Types::GetArtifactOutput

  Retrieves an artifact from an agent space.

• #get_integration(params = {}) ⇒ Types::GetIntegrationOutput

  Retrieves information about an integration.

• #initiate_provider_registration(params = {}) ⇒ Types::InitiateProviderRegistrationOutput

  Initiates the OAuth registration flow with a third-party provider.

• #list_agent_spaces(params = {}) ⇒ Types::ListAgentSpacesOutput

  Returns a paginated list of agent space summaries in your account.

• #list_applications(params = {}) ⇒ Types::ListApplicationsResponse

  Returns a paginated list of application summaries in your account.

• #list_artifacts(params = {}) ⇒ Types::ListArtifactsOutput

  Returns a paginated list of artifact summaries for the specified agent space.

• #list_code_review_job_tasks(params = {}) ⇒ Types::ListCodeReviewJobTasksOutput

  Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.

• #list_code_review_jobs_for_code_review(params = {}) ⇒ Types::ListCodeReviewJobsForCodeReviewOutput

  Returns a paginated list of code review job summaries for the specified code review configuration.

• #list_code_reviews(params = {}) ⇒ Types::ListCodeReviewsOutput

  Returns a paginated list of code review summaries for the specified agent space.

• #list_discovered_endpoints(params = {}) ⇒ Types::ListDiscoveredEndpointsOutput

  Returns a paginated list of endpoints discovered during a pentest job execution.

• #list_findings(params = {}) ⇒ Types::ListFindingsOutput

  Lists the security findings for a pentest job.

• #list_integrated_resources(params = {}) ⇒ Types::ListIntegratedResourcesOutput

  Lists the integrated resources for an agent space, optionally filtered by integration or resource type.

• #list_integrations(params = {}) ⇒ Types::ListIntegrationsOutput

  Lists the integrations in your account, optionally filtered by provider or provider type.

• #list_memberships(params = {}) ⇒ Types::ListMembershipsResponse

  Returns a paginated list of membership summaries for the specified agent space within an application.

• #list_pentest_job_tasks(params = {}) ⇒ Types::ListPentestJobTasksOutput

  Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.

• #list_pentest_jobs_for_pentest(params = {}) ⇒ Types::ListPentestJobsForPentestOutput

  Returns a paginated list of pentest job summaries for the specified pentest configuration.

• #list_pentests(params = {}) ⇒ Types::ListPentestsOutput

  Returns a paginated list of pentest summaries for the specified agent space.

• #list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceOutput

  Returns the tags associated with the specified resource.

• #list_target_domains(params = {}) ⇒ Types::ListTargetDomainsOutput

  Returns a paginated list of target domain summaries in your account.

• #start_code_remediation(params = {}) ⇒ Struct

  Initiates code remediation for one or more security findings.

• #start_code_review_job(params = {}) ⇒ Types::StartCodeReviewJobOutput

  Starts a new code review job for a code review configuration.

• #start_pentest_job(params = {}) ⇒ Types::StartPentestJobOutput

  Starts a new pentest job for a pentest configuration.

• #stop_code_review_job(params = {}) ⇒ Struct

  Stops a running code review job.

• #stop_pentest_job(params = {}) ⇒ Struct

  Stops a running pentest job.

• #tag_resource(params = {}) ⇒ Struct

  Adds tags to a resource.

• #untag_resource(params = {}) ⇒ Struct

  Removes tags from a resource.

• #update_agent_space(params = {}) ⇒ Types::UpdateAgentSpaceOutput

  Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.

• #update_application(params = {}) ⇒ Types::UpdateApplicationResponse

  Updates the configuration of an existing application, including the IAM role and default KMS key.

• #update_code_review(params = {}) ⇒ Types::UpdateCodeReviewOutput

  Updates an existing code review configuration.

• #update_finding(params = {}) ⇒ Struct

  Updates the status or risk level of a security finding.

• #update_integrated_resources(params = {}) ⇒ Struct

  Updates the integrated resources for an agent space, including their capabilities.

• #update_pentest(params = {}) ⇒ Types::UpdatePentestOutput

  Updates an existing pentest configuration.

• #update_target_domain(params = {}) ⇒ Types::UpdateTargetDomainOutput

  Updates the verification method for a target domain.

• #verify_target_domain(params = {}) ⇒ Types::VerifyTargetDomainOutput

  Initiates verification of a target domain.

Instance Method Summary

• #initialize(options) ⇒ Client constructor

  A new instance of Client.

Methods included from ClientStubs

#api_requests, #stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options) ⇒ Client

Returns a new instance of Client.

Parameters:

• options (Hash)

Options Hash (options):

• :plugins (Array<Seahorse::Client::Plugin>) — default: []] —

  A list of plugins to apply to the client. Each plugin is either a class name or an instance of a plugin class.

• :credentials (required, Aws::CredentialProvider) —

  Your AWS credentials used for authentication. This can be any class that includes and implements Aws::CredentialProvider, or instance of any one of the following classes:

  • Aws::Credentials - Used for configuring static, non-refreshing credentials.

  • Aws::SharedCredentials - Used for loading static credentials from a shared file, such as ~/.aws/config.

  • Aws::AssumeRoleCredentials - Used when you need to assume a role.

  • Aws::AssumeRoleWebIdentityCredentials - Used when you need to assume a role after providing credentials via the web.

  • Aws::SSOCredentials - Used for loading credentials from AWS SSO using an access token generated from aws login.

  • Aws::ProcessCredentials - Used for loading credentials from a process that outputs to stdout.

  • Aws::InstanceProfileCredentials - Used for loading credentials from an EC2 IMDS on an EC2 instance.

  • Aws::ECSCredentials - Used for loading credentials from instances running in ECS.

  • Aws::CognitoIdentityCredentials - Used for loading credentials from the Cognito Identity service.

  When :credentials are not configured directly, the following locations will be searched for credentials:

  • Aws.config[:credentials]

  • The :access_key_id, :secret_access_key, :session_token, and :account_id options.

  • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'], ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID'].

  • ~/.aws/credentials

  • ~/.aws/config

  • EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive. Construct and pass an instance of Aws::InstanceProfileCredentials or Aws::ECSCredentials to enable retries and extended timeouts. Instance profile credential fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] to true.

• :region (required, String) —

  The AWS region to connect to. The configured :region is used to determine the service :endpoint. When not passed, a default :region is searched for in the following locations:

  • Aws.config[:region]
  • ENV['AWS_REGION']
  • ENV['AMAZON_REGION']
  • ENV['AWS_DEFAULT_REGION']
  • ~/.aws/credentials
  • ~/.aws/config
• :access_key_id (String)
• :account_id (String)
• :active_endpoint_cache (Boolean) — default: false —

  When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false.

• :adaptive_retry_wait_to_fill (Boolean) — default: true —

  Used only in adaptive retry mode. When true, the request will sleep until there is sufficent client side capacity to retry the request. When false, the request will raise a RetryCapacityNotAvailableError and will not retry instead of sleeping.

• :auth_scheme_preference (Array<String>) —

  A list of preferred authentication schemes to use when making a request. Supported values are: sigv4, sigv4a, httpBearerAuth, and noAuth. When set using ENV['AWS_AUTH_SCHEME_PREFERENCE'] or in shared config as auth_scheme_preference, the value should be a comma-separated list.

• :client_side_monitoring (Boolean) — default: false —

  When true, client-side metrics will be collected for all API requests from this client.

• :client_side_monitoring_client_id (String) — default: "" —

  Allows you to provide an identifier for this client which will be attached to all generated client side metrics. Defaults to an empty string.

• :client_side_monitoring_host (String) — default: "127.0.0.1" —

  Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client side monitoring agent is running on, where client metrics will be published via UDP.

• :client_side_monitoring_port (Integer) — default: 31000 —

  Required for publishing client metrics. The port that the client side monitoring agent is running on, where client metrics will be published via UDP.

• :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) — default: Aws::ClientSideMonitoring::Publisher —

  Allows you to provide a custom client-side monitoring publisher class. By default, will use the Client Side Monitoring Agent Publisher.

• :convert_params (Boolean) — default: true —

  When true, an attempt is made to coerce request parameters into the required types.

• :correct_clock_skew (Boolean) — default: true —

  Used only in standard and adaptive retry modes. Specifies whether to apply a clock skew correction and retry requests with skewed client clocks.

• :defaults_mode (String) — default: "legacy" —

  See DefaultsModeConfiguration for a list of the accepted modes and the configuration defaults that are included.

• :disable_host_prefix_injection (Boolean) — default: false —

  When true, the SDK will not prepend the modeled host prefix to the endpoint.

• :disable_request_compression (Boolean) — default: false —

  When set to 'true' the request body will not be compressed for supported operations.

• :endpoint (String, URI::HTTPS, URI::HTTP) —

  Normally you should not configure the :endpoint option directly. This is normally constructed from the :region option. Configuring :endpoint is normally reserved for connecting to test or custom endpoints. The endpoint should be a URI formatted like:

  'http://example.com'
  'https://example.com'
  'http://example.com:123'
  

• :endpoint_cache_max_entries (Integer) — default: 1000 —

  Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000.

• :endpoint_cache_max_threads (Integer) — default: 10 —

  Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.

• :endpoint_cache_poll_interval (Integer) — default: 60 —

  When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec.

• :endpoint_discovery (Boolean) — default: false —

  When set to true, endpoint discovery will be enabled for operations when available.

• :ignore_configured_endpoint_urls (Boolean) —

  Setting to true disables use of endpoint URLs provided via environment variables and the shared configuration file.

• :log_formatter (Aws::Log::Formatter) — default: Aws::Log::Formatter.default —

  The log formatter.

• :log_level (Symbol) — default: :info —

  The log level to send messages to the :logger at.

• :logger (Logger) —

  The Logger instance to send log messages to. If this option is not set, logging will be disabled.

• :max_attempts (Integer) — default: 3 —

  An integer representing the maximum number attempts that will be made for a single request, including the initial attempt. For example, setting this value to 5 will result in a request being retried up to 4 times. Used in standard and adaptive retry modes.

• :profile (String) — default: "default" —

  Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used.

• :request_checksum_calculation (String) — default: "when_supported" —

  Determines when a checksum will be calculated for request payloads. Values are:

  • when_supported - (default) When set, a checksum will be calculated for all request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true and/or a requestAlgorithmMember is modeled.
  • when_required - When set, a checksum will only be calculated for request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true or where a requestAlgorithmMember is modeled and supplied.
• :request_min_compression_size_bytes (Integer) — default: 10240 —

  The minimum size in bytes that triggers compression for request bodies. The value must be non-negative integer value between 0 and 10485780 bytes inclusive.

• :response_checksum_validation (String) — default: "when_supported" —

  Determines when checksum validation will be performed on response payloads. Values are:

  • when_supported - (default) When set, checksum validation is performed on all response payloads of operations modeled with the httpChecksum trait where responseAlgorithms is modeled, except when no modeled checksum algorithms are supported.
  • when_required - When set, checksum validation is not performed on response payloads of operations unless the checksum algorithm is supported and the requestValidationModeMember member is set to ENABLED.
• :retry_backoff (Proc) —

  A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. This option is only used in the legacy retry mode.

• :retry_base_delay (Float) — default: 0.3 —

  The base delay in seconds used by the default backoff function. This option is only used in the legacy retry mode.

• :retry_jitter (Symbol) — default: :none —

  A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number. This option is only used in the legacy retry mode.

  @see https://www.awsarchitectureblog.com/2015/03/backoff.html

• :retry_limit (Integer) — default: 3 —

  The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors, auth errors, endpoint discovery, and errors from expired credentials. This option is only used in the legacy retry mode.

• :retry_max_delay (Integer) — default: 0 —

  The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function. This option is only used in the legacy retry mode.

• :retry_mode (String) — default: "legacy" —

  Specifies which retry algorithm to use. Values are:

  • legacy - The pre-existing retry behavior. This is the default value if no retry mode is provided.

  • standard - A standardized set of retry rules across the AWS SDKs. This includes support for retry quotas, which limit the number of unsuccessful retries a client can make.

  • adaptive - A retry mode that includes all the functionality of standard mode along with automatic client side throttling.

• :sdk_ua_app_id (String) —

  A unique and opaque application ID that is appended to the User-Agent header as app/sdk_ua_app_id. It should have a maximum length of 50. This variable is sourced from environment variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.

• :secret_access_key (String)
• :session_token (String)
• :sigv4a_signing_region_set (Array) —

  A list of regions that should be signed with SigV4a signing. When not passed, a default :sigv4a_signing_region_set is searched for in the following locations:

  • Aws.config[:sigv4a_signing_region_set]
  • ENV['AWS_SIGV4A_SIGNING_REGION_SET']
  • ~/.aws/config
• :stub_responses (Boolean) — default: false —

  Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

  Please note When response stubbing is enabled, no HTTP requests are made, and retries are disabled.

• :telemetry_provider (Aws::Telemetry::TelemetryProviderBase) — default: Aws::Telemetry::NoOpTelemetryProvider —

  Allows you to provide a telemetry provider, which is used to emit telemetry data. By default, uses NoOpTelemetryProvider which will not record or emit any telemetry data. The SDK supports the following telemetry providers:

  • OpenTelemetry (OTel) - To use the OTel provider, install and require the opentelemetry-sdk gem and then, pass in an instance of a Aws::Telemetry::OTelProvider for telemetry provider.
• :token_provider (Aws::TokenProvider) —

  Your Bearer token used for authentication. This can be any class that includes and implements Aws::TokenProvider, or instance of any one of the following classes:

  • Aws::StaticTokenProvider - Used for configuring static, non-refreshing tokens.

  • Aws::SSOTokenProvider - Used for loading tokens from AWS SSO using an access token generated from aws login.

  When :token_provider is not configured directly, the Aws::TokenProviderChain will be used to search for tokens configured for your profile in shared configuration files.

• :use_dualstack_endpoint (Boolean) —

  When set to true, dualstack enabled endpoints (with .aws TLD) will be used if available.

• :use_fips_endpoint (Boolean) —

  When set to true, fips compatible endpoints will be used if available. When a fips region is used, the region is normalized and this config is set to true.

• :validate_params (Boolean) — default: true —

  When true, request parameters are validated before sending the request.

• :endpoint_provider (Aws::SecurityAgent::EndpointProvider) —

  The endpoint provider used to resolve endpoints. Any object that responds to #resolve_endpoint(parameters) where parameters is a Struct similar to Aws::SecurityAgent::EndpointParameters.

• :http_continue_timeout (Float) — default: 1 —

  The number of seconds to wait for a 100-continue response before sending the request body. This option has no effect unless the request has "Expect" header set to "100-continue". Defaults to nil which disables this behaviour. This value can safely be set per request on the session.

• :http_idle_timeout (Float) — default: 5 —

  The number of seconds a connection is allowed to sit idle before it is considered stale. Stale connections are closed and removed from the pool before making a request.

• :http_open_timeout (Float) — default: 15 —

  The default number of seconds to wait for response data. This value can safely be set per-request on the session.

• :http_proxy (URI::HTTP, String) —

  A proxy to send requests through. Formatted like 'http://proxy.com:123'.

• :http_read_timeout (Float) — default: 60 —

  The default number of seconds to wait for response data. This value can safely be set per-request on the session.

• :http_wire_trace (Boolean) — default: false —

  When true, HTTP debug output will be sent to the :logger.

• :on_chunk_received (Proc) —

  When a Proc object is provided, it will be used as callback when each chunk of the response body is received. It provides three arguments: the chunk, the number of bytes received, and the total number of bytes in the response (or nil if the server did not send a content-length).

• :on_chunk_sent (Proc) —

  When a Proc object is provided, it will be used as callback when each chunk of the request body is sent. It provides three arguments: the chunk, the number of bytes read from the body, and the total number of bytes in the body.

• :raise_response_errors (Boolean) — default: true —

  When true, response errors are raised.

• :ssl_ca_bundle (String) —

  Full path to the SSL certificate authority bundle file that should be used when verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

• :ssl_ca_directory (String) —

  Full path of the directory that contains the unbundled SSL certificate authority files for verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

• :ssl_ca_store (String) —

  Sets the X509::Store to verify peer certificate.

• :ssl_cert (OpenSSL::X509::Certificate) —

  Sets a client certificate when creating http connections.

• :ssl_key (OpenSSL::PKey) —

  Sets a client key when creating http connections.

• :ssl_timeout (Float) —

  Sets the SSL timeout in seconds

• :ssl_verify_peer (Boolean) — default: true —

  When true, SSL peer certificates are verified when establishing a connection.

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 471

def initialize(*args)
  super
end

Instance Method Details

#add_artifact(params = {}) ⇒ Types::AddArtifactOutput

Uploads an artifact to an agent space. Artifacts provide additional context for security testing, such as architecture diagrams, API specifications, or configuration files.

Examples:

Request syntax with placeholder values

resp = client.add_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_content: "data", # required
  artifact_type: "TXT", # required, accepts TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, YAML
  file_name: "String", # required
})

Response structure

resp.artifact_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to add the artifact to.

• :artifact_content (required, String, StringIO, File) —

  The binary content of the artifact to upload.

• :artifact_type (required, String) —

  The file type of the artifact. Valid values include TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, and YAML.

• :file_name (required, String) —

  The file name of the artifact.

Returns:

• (Types::AddArtifactOutput) —

  Returns a response object which responds to the following methods:

  • #artifact_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 515

def add_artifact(params = {}, options = {})
  req = build_request(:add_artifact, params)
  req.send_request(options)
end

#batch_delete_code_reviews(params = {}) ⇒ Types::BatchDeleteCodeReviewsOutput

Deletes one or more code reviews from an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_delete_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.deleted #=> Array
resp.deleted[0] #=> String
resp.failed #=> Array
resp.failed[0].code_review_id #=> String
resp.failed[0].reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_ids (required, Array<String>) —

  The list of code review identifiers to delete.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code reviews to delete.

Returns:

• (Types::BatchDeleteCodeReviewsOutput) —

  Returns a response object which responds to the following methods:

  • #deleted => Array<String>
  • #failed => Array<Types::DeleteCodeReviewFailure>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 553

def batch_delete_code_reviews(params = {}, options = {})
  req = build_request(:batch_delete_code_reviews, params)
  req.send_request(options)
end

#batch_delete_pentests(params = {}) ⇒ Types::BatchDeletePentestsOutput

Deletes one or more pentests from an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_delete_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.deleted #=> Array
resp.deleted[0].pentest_id #=> String
resp.deleted[0].agent_space_id #=> String
resp.deleted[0].title #=> String
resp.deleted[0].assets.endpoints #=> Array
resp.deleted[0].assets.endpoints[0].uri #=> String
resp.deleted[0].assets.actors #=> Array
resp.deleted[0].assets.actors[0].identifier #=> String
resp.deleted[0].assets.actors[0].uris #=> Array
resp.deleted[0].assets.actors[0].uris[0] #=> String
resp.deleted[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.deleted[0].assets.actors[0].authentication.value #=> String
resp.deleted[0].assets.actors[0].description #=> String
resp.deleted[0].assets.documents #=> Array
resp.deleted[0].assets.documents[0].s3_location #=> String
resp.deleted[0].assets.documents[0].artifact_id #=> String
resp.deleted[0].assets.source_code #=> Array
resp.deleted[0].assets.source_code[0].s3_location #=> String
resp.deleted[0].assets.integrated_repositories #=> Array
resp.deleted[0].assets.integrated_repositories[0].integration_id #=> String
resp.deleted[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.deleted[0].exclude_risk_types #=> Array
resp.deleted[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.deleted[0].service_role #=> String
resp.deleted[0].log_config.log_group #=> String
resp.deleted[0].log_config.log_stream #=> String
resp.deleted[0].vpc_config.vpc_arn #=> String
resp.deleted[0].vpc_config.security_group_arns #=> Array
resp.deleted[0].vpc_config.security_group_arns[0] #=> String
resp.deleted[0].vpc_config.subnet_arns #=> Array
resp.deleted[0].vpc_config.subnet_arns[0] #=> String
resp.deleted[0].network_traffic_config.rules #=> Array
resp.deleted[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.deleted[0].network_traffic_config.rules[0].pattern #=> String
resp.deleted[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.deleted[0].network_traffic_config.custom_headers #=> Array
resp.deleted[0].network_traffic_config.custom_headers[0].name #=> String
resp.deleted[0].network_traffic_config.custom_headers[0].value #=> String
resp.deleted[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.deleted[0].created_at #=> Time
resp.deleted[0].updated_at #=> Time
resp.failed #=> Array
resp.failed[0].pentest_id #=> String
resp.failed[0].reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_ids (required, Array<String>) —

  The list of pentest identifiers to delete.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentests to delete.

Returns:

• (Types::BatchDeletePentestsOutput) —

  Returns a response object which responds to the following methods:

  • #deleted => Array<Types::Pentest>
  • #failed => Array<Types::DeletePentestFailure>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 630

def batch_delete_pentests(params = {}, options = {})
  req = build_request(:batch_delete_pentests, params)
  req.send_request(options)
end

#batch_get_agent_spaces(params = {}) ⇒ Types::BatchGetAgentSpacesOutput

Retrieves information about one or more agent spaces.

Examples:

Request syntax with placeholder values

resp = client.batch_get_agent_spaces({
  agent_space_ids: ["AgentSpaceId"], # required
})

Response structure

resp.agent_spaces #=> Array
resp.agent_spaces[0].agent_space_id #=> String
resp.agent_spaces[0].name #=> String
resp.agent_spaces[0].description #=> String
resp.agent_spaces[0].aws_resources.vpcs #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].vpc_arn #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.agent_spaces[0].aws_resources.log_groups #=> Array
resp.agent_spaces[0].aws_resources.log_groups[0] #=> String
resp.agent_spaces[0].aws_resources.s3_buckets #=> Array
resp.agent_spaces[0].aws_resources.s3_buckets[0] #=> String
resp.agent_spaces[0].aws_resources.secret_arns #=> Array
resp.agent_spaces[0].aws_resources.secret_arns[0] #=> String
resp.agent_spaces[0].aws_resources.lambda_function_arns #=> Array
resp.agent_spaces[0].aws_resources.lambda_function_arns[0] #=> String
resp.agent_spaces[0].aws_resources.iam_roles #=> Array
resp.agent_spaces[0].aws_resources.iam_roles[0] #=> String
resp.agent_spaces[0].target_domain_ids #=> Array
resp.agent_spaces[0].target_domain_ids[0] #=> String
resp.agent_spaces[0].code_review_settings.controls_scanning #=> Boolean
resp.agent_spaces[0].code_review_settings.general_purpose_scanning #=> Boolean
resp.agent_spaces[0].kms_key_id #=> String
resp.agent_spaces[0].created_at #=> Time
resp.agent_spaces[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_ids (required, Array<String>) —

  The list of agent space identifiers to retrieve.

Returns:

• (Types::BatchGetAgentSpacesOutput) —

  Returns a response object which responds to the following methods:

  • #agent_spaces => Array<Types::AgentSpace>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 687

def batch_get_agent_spaces(params = {}, options = {})
  req = build_request(:batch_get_agent_spaces, params)
  req.send_request(options)
end

#batch_get_artifact_metadata(params = {}) ⇒ Types::BatchGetArtifactMetadataOutput

Retrieves metadata for one or more artifacts in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_artifact_metadata({
  agent_space_id: "AgentSpaceId", # required
  artifact_ids: ["ArtifactId"], # required
})

Response structure

resp.artifact_metadata_list #=> Array
resp.artifact_metadata_list[0].agent_space_id #=> String
resp.artifact_metadata_list[0].artifact_id #=> String
resp.artifact_metadata_list[0].file_name #=> String
resp.artifact_metadata_list[0].updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the artifacts.

• :artifact_ids (required, Array<String>) —

  The list of artifact identifiers to retrieve metadata for.

Returns:

• (Types::BatchGetArtifactMetadataOutput) —

  Returns a response object which responds to the following methods:

  • #artifact_metadata_list => Array<Types::ArtifactMetadataItem>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 723

def batch_get_artifact_metadata(params = {}, options = {})
  req = build_request(:batch_get_artifact_metadata, params)
  req.send_request(options)
end

#batch_get_code_review_job_tasks(params = {}) ⇒ Types::BatchGetCodeReviewJobTasksOutput

Retrieves information about one or more tasks within a code review job.

Examples:

Request syntax with placeholder values

resp = client.batch_get_code_review_job_tasks({
  agent_space_id: "String", # required
  code_review_job_task_ids: ["String"], # required
})

Response structure

resp.code_review_job_tasks #=> Array
resp.code_review_job_tasks[0].task_id #=> String
resp.code_review_job_tasks[0].code_review_id #=> String
resp.code_review_job_tasks[0].code_review_job_id #=> String
resp.code_review_job_tasks[0].agent_space_id #=> String
resp.code_review_job_tasks[0].title #=> String
resp.code_review_job_tasks[0].description #=> String
resp.code_review_job_tasks[0].categories #=> Array
resp.code_review_job_tasks[0].categories[0].name #=> String
resp.code_review_job_tasks[0].categories[0].is_primary #=> Boolean
resp.code_review_job_tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.code_review_job_tasks[0].created_at #=> Time
resp.code_review_job_tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the tasks.

• :code_review_job_task_ids (required, Array<String>) —

  The list of task identifiers to retrieve.

Returns:

• (Types::BatchGetCodeReviewJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_job_tasks => Array<Types::CodeReviewJobTask>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 775

def batch_get_code_review_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_code_review_job_tasks, params)
  req.send_request(options)
end

#batch_get_code_review_jobs(params = {}) ⇒ Types::BatchGetCodeReviewJobsOutput

Retrieves information about one or more code review jobs in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_code_review_jobs({
  code_review_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.code_review_jobs #=> Array
resp.code_review_jobs[0].code_review_job_id #=> String
resp.code_review_jobs[0].code_review_id #=> String
resp.code_review_jobs[0].title #=> String
resp.code_review_jobs[0].overview #=> String
resp.code_review_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_jobs[0].documents #=> Array
resp.code_review_jobs[0].documents[0].s3_location #=> String
resp.code_review_jobs[0].documents[0].artifact_id #=> String
resp.code_review_jobs[0].source_code #=> Array
resp.code_review_jobs[0].source_code[0].s3_location #=> String
resp.code_review_jobs[0].steps #=> Array
resp.code_review_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
resp.code_review_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.code_review_jobs[0].steps[0].created_at #=> Time
resp.code_review_jobs[0].steps[0].updated_at #=> Time
resp.code_review_jobs[0].execution_context #=> Array
resp.code_review_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.code_review_jobs[0].execution_context[0].context #=> String
resp.code_review_jobs[0].execution_context[0].timestamp #=> Time
resp.code_review_jobs[0].service_role #=> String
resp.code_review_jobs[0].log_config.log_group #=> String
resp.code_review_jobs[0].log_config.log_stream #=> String
resp.code_review_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.code_review_jobs[0].error_information.message #=> String
resp.code_review_jobs[0].integrated_repositories #=> Array
resp.code_review_jobs[0].integrated_repositories[0].integration_id #=> String
resp.code_review_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.code_review_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_review_jobs[0].created_at #=> Time
resp.code_review_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_job_ids (required, Array<String>) —

  The list of code review job identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code review jobs.

Returns:

• (Types::BatchGetCodeReviewJobsOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_jobs => Array<Types::CodeReviewJob>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 842

def batch_get_code_review_jobs(params = {}, options = {})
  req = build_request(:batch_get_code_review_jobs, params)
  req.send_request(options)
end

#batch_get_code_reviews(params = {}) ⇒ Types::BatchGetCodeReviewsOutput

Retrieves information about one or more code reviews in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.code_reviews #=> Array
resp.code_reviews[0].code_review_id #=> String
resp.code_reviews[0].agent_space_id #=> String
resp.code_reviews[0].title #=> String
resp.code_reviews[0].assets.endpoints #=> Array
resp.code_reviews[0].assets.endpoints[0].uri #=> String
resp.code_reviews[0].assets.actors #=> Array
resp.code_reviews[0].assets.actors[0].identifier #=> String
resp.code_reviews[0].assets.actors[0].uris #=> Array
resp.code_reviews[0].assets.actors[0].uris[0] #=> String
resp.code_reviews[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.code_reviews[0].assets.actors[0].authentication.value #=> String
resp.code_reviews[0].assets.actors[0].description #=> String
resp.code_reviews[0].assets.documents #=> Array
resp.code_reviews[0].assets.documents[0].s3_location #=> String
resp.code_reviews[0].assets.documents[0].artifact_id #=> String
resp.code_reviews[0].assets.source_code #=> Array
resp.code_reviews[0].assets.source_code[0].s3_location #=> String
resp.code_reviews[0].assets.integrated_repositories #=> Array
resp.code_reviews[0].assets.integrated_repositories[0].integration_id #=> String
resp.code_reviews[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.code_reviews[0].service_role #=> String
resp.code_reviews[0].log_config.log_group #=> String
resp.code_reviews[0].log_config.log_stream #=> String
resp.code_reviews[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_reviews[0].created_at #=> Time
resp.code_reviews[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_ids (required, Array<String>) —

  The list of code review identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code reviews.

Returns:

• (Types::BatchGetCodeReviewsOutput) —

  Returns a response object which responds to the following methods:

  • #code_reviews => Array<Types::CodeReview>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 905

def batch_get_code_reviews(params = {}, options = {})
  req = build_request(:batch_get_code_reviews, params)
  req.send_request(options)
end

#batch_get_findings(params = {}) ⇒ Types::BatchGetFindingsOutput

Retrieves information about one or more security findings in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_findings({
  finding_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.findings #=> Array
resp.findings[0].finding_id #=> String
resp.findings[0].agent_space_id #=> String
resp.findings[0].pentest_id #=> String
resp.findings[0].pentest_job_id #=> String
resp.findings[0].code_review_id #=> String
resp.findings[0].code_review_job_id #=> String
resp.findings[0].task_id #=> String
resp.findings[0].name #=> String
resp.findings[0].description #=> String
resp.findings[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings[0].risk_type #=> String
resp.findings[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings[0].risk_score #=> String
resp.findings[0].reasoning #=> String
resp.findings[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings[0].attack_script #=> String
resp.findings[0].code_remediation_task.status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED"
resp.findings[0].code_remediation_task.status_reason #=> String
resp.findings[0].code_remediation_task.task_details #=> Array
resp.findings[0].code_remediation_task.task_details[0].repo_name #=> String
resp.findings[0].code_remediation_task.task_details[0].code_diff_link #=> String
resp.findings[0].code_remediation_task.task_details[0].pull_request_link #=> String
resp.findings[0].last_updated_by #=> String
resp.findings[0].code_locations #=> Array
resp.findings[0].code_locations[0].file_path #=> String
resp.findings[0].code_locations[0].line_start #=> Integer
resp.findings[0].code_locations[0].line_end #=> Integer
resp.findings[0].code_locations[0].label #=> String
resp.findings[0].verification_script.script_type #=> String
resp.findings[0].verification_script.script_url #=> String
resp.findings[0].verification_script.instructions #=> String
resp.findings[0].verification_script.env_vars #=> Array
resp.findings[0].verification_script.env_vars[0].name #=> String
resp.findings[0].verification_script.env_vars[0].value #=> String
resp.findings[0].created_at #=> Time
resp.findings[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :finding_ids (required, Array<String>) —

  The list of finding identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the findings.

Returns:

• (Types::BatchGetFindingsOutput) —

  Returns a response object which responds to the following methods:

  • #findings => Array<Types::Finding>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 977

def batch_get_findings(params = {}, options = {})
  req = build_request(:batch_get_findings, params)
  req.send_request(options)
end

#batch_get_pentest_job_tasks(params = {}) ⇒ Types::BatchGetPentestJobTasksOutput

Retrieves information about one or more tasks within a pentest job.

Examples:

Request syntax with placeholder values

resp = client.batch_get_pentest_job_tasks({
  agent_space_id: "String", # required
  task_ids: ["String"], # required
})

Response structure

resp.tasks #=> Array
resp.tasks[0].task_id #=> String
resp.tasks[0].pentest_id #=> String
resp.tasks[0].pentest_job_id #=> String
resp.tasks[0].agent_space_id #=> String
resp.tasks[0].title #=> String
resp.tasks[0].description #=> String
resp.tasks[0].categories #=> Array
resp.tasks[0].categories[0].name #=> String
resp.tasks[0].categories[0].is_primary #=> Boolean
resp.tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.tasks[0].target_endpoint.uri #=> String
resp.tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.tasks[0].created_at #=> Time
resp.tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the tasks.

• :task_ids (required, Array<String>) —

  The list of task identifiers to retrieve.

Returns:

• (Types::BatchGetPentestJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #tasks => Array<Types::Task>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1029

def batch_get_pentest_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_pentest_job_tasks, params)
  req.send_request(options)
end

#batch_get_pentest_jobs(params = {}) ⇒ Types::BatchGetPentestJobsOutput

Retrieves information about one or more pentest jobs in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_pentest_jobs({
  pentest_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.pentest_jobs #=> Array
resp.pentest_jobs[0].pentest_job_id #=> String
resp.pentest_jobs[0].pentest_id #=> String
resp.pentest_jobs[0].title #=> String
resp.pentest_jobs[0].overview #=> String
resp.pentest_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_jobs[0].endpoints #=> Array
resp.pentest_jobs[0].endpoints[0].uri #=> String
resp.pentest_jobs[0].actors #=> Array
resp.pentest_jobs[0].actors[0].identifier #=> String
resp.pentest_jobs[0].actors[0].uris #=> Array
resp.pentest_jobs[0].actors[0].uris[0] #=> String
resp.pentest_jobs[0].actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentest_jobs[0].actors[0].authentication.value #=> String
resp.pentest_jobs[0].actors[0].description #=> String
resp.pentest_jobs[0].documents #=> Array
resp.pentest_jobs[0].documents[0].s3_location #=> String
resp.pentest_jobs[0].documents[0].artifact_id #=> String
resp.pentest_jobs[0].source_code #=> Array
resp.pentest_jobs[0].source_code[0].s3_location #=> String
resp.pentest_jobs[0].exclude_paths #=> Array
resp.pentest_jobs[0].exclude_paths[0].uri #=> String
resp.pentest_jobs[0].allowed_domains #=> Array
resp.pentest_jobs[0].allowed_domains[0].uri #=> String
resp.pentest_jobs[0].exclude_risk_types #=> Array
resp.pentest_jobs[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentest_jobs[0].steps #=> Array
resp.pentest_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
resp.pentest_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.pentest_jobs[0].steps[0].created_at #=> Time
resp.pentest_jobs[0].steps[0].updated_at #=> Time
resp.pentest_jobs[0].execution_context #=> Array
resp.pentest_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.pentest_jobs[0].execution_context[0].context #=> String
resp.pentest_jobs[0].execution_context[0].timestamp #=> Time
resp.pentest_jobs[0].service_role #=> String
resp.pentest_jobs[0].log_config.log_group #=> String
resp.pentest_jobs[0].log_config.log_stream #=> String
resp.pentest_jobs[0].vpc_config.vpc_arn #=> String
resp.pentest_jobs[0].vpc_config.security_group_arns #=> Array
resp.pentest_jobs[0].vpc_config.security_group_arns[0] #=> String
resp.pentest_jobs[0].vpc_config.subnet_arns #=> Array
resp.pentest_jobs[0].vpc_config.subnet_arns[0] #=> String
resp.pentest_jobs[0].network_traffic_config.rules #=> Array
resp.pentest_jobs[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentest_jobs[0].network_traffic_config.rules[0].pattern #=> String
resp.pentest_jobs[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentest_jobs[0].network_traffic_config.custom_headers #=> Array
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentest_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.pentest_jobs[0].error_information.message #=> String
resp.pentest_jobs[0].integrated_repositories #=> Array
resp.pentest_jobs[0].integrated_repositories[0].integration_id #=> String
resp.pentest_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.pentest_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentest_jobs[0].created_at #=> Time
resp.pentest_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_job_ids (required, Array<String>) —

  The list of pentest job identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentest jobs.

Returns:

• (Types::BatchGetPentestJobsOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_jobs => Array<Types::PentestJob>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1123

def batch_get_pentest_jobs(params = {}, options = {})
  req = build_request(:batch_get_pentest_jobs, params)
  req.send_request(options)
end

#batch_get_pentests(params = {}) ⇒ Types::BatchGetPentestsOutput

Retrieves information about one or more pentests in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.pentests #=> Array
resp.pentests[0].pentest_id #=> String
resp.pentests[0].agent_space_id #=> String
resp.pentests[0].title #=> String
resp.pentests[0].assets.endpoints #=> Array
resp.pentests[0].assets.endpoints[0].uri #=> String
resp.pentests[0].assets.actors #=> Array
resp.pentests[0].assets.actors[0].identifier #=> String
resp.pentests[0].assets.actors[0].uris #=> Array
resp.pentests[0].assets.actors[0].uris[0] #=> String
resp.pentests[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentests[0].assets.actors[0].authentication.value #=> String
resp.pentests[0].assets.actors[0].description #=> String
resp.pentests[0].assets.documents #=> Array
resp.pentests[0].assets.documents[0].s3_location #=> String
resp.pentests[0].assets.documents[0].artifact_id #=> String
resp.pentests[0].assets.source_code #=> Array
resp.pentests[0].assets.source_code[0].s3_location #=> String
resp.pentests[0].assets.integrated_repositories #=> Array
resp.pentests[0].assets.integrated_repositories[0].integration_id #=> String
resp.pentests[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.pentests[0].exclude_risk_types #=> Array
resp.pentests[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentests[0].service_role #=> String
resp.pentests[0].log_config.log_group #=> String
resp.pentests[0].log_config.log_stream #=> String
resp.pentests[0].vpc_config.vpc_arn #=> String
resp.pentests[0].vpc_config.security_group_arns #=> Array
resp.pentests[0].vpc_config.security_group_arns[0] #=> String
resp.pentests[0].vpc_config.subnet_arns #=> Array
resp.pentests[0].vpc_config.subnet_arns[0] #=> String
resp.pentests[0].network_traffic_config.rules #=> Array
resp.pentests[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentests[0].network_traffic_config.rules[0].pattern #=> String
resp.pentests[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentests[0].network_traffic_config.custom_headers #=> Array
resp.pentests[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentests[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentests[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentests[0].created_at #=> Time
resp.pentests[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_ids (required, Array<String>) —

  The list of pentest identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentests.

Returns:

• (Types::BatchGetPentestsOutput) —

  Returns a response object which responds to the following methods:

  • #pentests => Array<Types::Pentest>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1198

def batch_get_pentests(params = {}, options = {})
  req = build_request(:batch_get_pentests, params)
  req.send_request(options)
end

#batch_get_target_domains(params = {}) ⇒ Types::BatchGetTargetDomainsOutput

Retrieves information about one or more target domains.

Examples:

Request syntax with placeholder values

resp = client.batch_get_target_domains({
  target_domain_ids: ["String"], # required
})

Response structure

resp.target_domains #=> Array
resp.target_domains[0].target_domain_id #=> String
resp.target_domains[0].domain_name #=> String
resp.target_domains[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.target_domains[0].verification_status_reason #=> String
resp.target_domains[0].verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.target_domains[0].verification_details.dns_txt.token #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_name #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.target_domains[0].verification_details.http_route.token #=> String
resp.target_domains[0].verification_details.http_route.route_path #=> String
resp.target_domains[0].created_at #=> Time
resp.target_domains[0].verified_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_ids (required, Array<String>) —

  The list of target domain identifiers to retrieve.

Returns:

• (Types::BatchGetTargetDomainsOutput) —

  Returns a response object which responds to the following methods:

  • #target_domains => Array<Types::TargetDomain>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1241

def batch_get_target_domains(params = {}, options = {})
  req = build_request(:batch_get_target_domains, params)
  req.send_request(options)
end

#create_agent_space(params = {}) ⇒ Types::CreateAgentSpaceOutput

Creates a new agent space. An agent space is a dedicated workspace for securing a specific application.

Examples:

Request syntax with placeholder values

resp = client.create_agent_space({
  name: "AgentName", # required
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.kms_key_id #=> String
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the agent space.

• :description (String) —

  A description of the agent space.

• :aws_resources (Types::AWSResources) —

  The AWS resources to associate with the agent space.

• :target_domain_ids (Array<String>) —

  The list of target domain identifiers to associate with the agent space.

• :code_review_settings (Types::CodeReviewSettings) —

  The code review settings for the agent space.

• :kms_key_id (String) —

  The identifier of the AWS KMS key to use for encrypting data in the agent space.

• :tags (Hash<String,String>) —

  The tags to associate with the agent space.

Returns:

• (Types::CreateAgentSpaceOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String
  • #name => String
  • #description => String
  • #aws_resources => Types::AWSResources
  • #target_domain_ids => Array<String>
  • #code_review_settings => Types::CodeReviewSettings
  • #kms_key_id => String
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1347

def create_agent_space(params = {}, options = {})
  req = build_request(:create_agent_space, params)
  req.send_request(options)
end

#create_application(params = {}) ⇒ Types::CreateApplicationResponse

Creates a new application. An application is the top-level organizational unit that supports IAM Identity Center integration.

Examples:

Request syntax with placeholder values

resp = client.create_application({
  idc_instance_arn: "IdCInstanceArn",
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.application_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :idc_instance_arn (String) —

  The Amazon Resource Name (ARN) of the IAM Identity Center instance to associate with the application.

• :role_arn (String) —

  The Amazon Resource Name (ARN) of the IAM role to associate with the application.

• :default_kms_key_id (String) —

  The identifier of the default AWS KMS key to use for encrypting data in the application.

• :tags (Hash<String,String>) —

  The tags to associate with the application.

Returns:

• (Types::CreateApplicationResponse) —

  Returns a response object which responds to the following methods:

  • #application_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1393

def create_application(params = {}, options = {})
  req = build_request(:create_application, params)
  req.send_request(options)
end

#create_code_review(params = {}) ⇒ Types::CreateCodeReviewOutput

Creates a new code review configuration in an agent space. A code review defines the parameters for automated security-focused code analysis.

Examples:

Request syntax with placeholder values

resp = client.create_code_review({
  title: "String", # required
  agent_space_id: "String", # required
  assets: { # required
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure

resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :title (required, String) —

  The title of the code review.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to create the code review in.

• :assets (required, Types::Assets) —

  The assets to include in the code review, such as documents and source code.

• :service_role (String) —

  The IAM service role to use for the code review.

• :log_config (Types::CloudWatchLog) —

  The CloudWatch Logs configuration for the code review.

• :code_remediation_strategy (String) —

  The code remediation strategy for the code review. Valid values are AUTOMATIC and DISABLED.

Returns:

• (Types::CreateCodeReviewOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String
  • #code_remediation_strategy => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1515

def create_code_review(params = {}, options = {})
  req = build_request(:create_code_review, params)
  req.send_request(options)
end

#create_integration(params = {}) ⇒ Types::CreateIntegrationOutput

Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.

Examples:

Request syntax with placeholder values

resp = client.create_integration({
  provider: "GITHUB", # required, accepts GITHUB
  input: { # required
    github: {
      code: "AuthCode", # required
      state: "CsrfState", # required
      organization_name: "String",
    },
  },
  integration_display_name: "String", # required
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.integration_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :provider (required, String) —

  The integration provider. Currently, only GITHUB is supported.

• :input (required, Types::ProviderInput) —

  The provider-specific input required to create the integration.

• :integration_display_name (required, String) —

  The display name for the integration.

• :kms_key_id (String) —

  The identifier of the AWS KMS key to use for encrypting data associated with the integration.

• :tags (Hash<String,String>) —

  The tags to associate with the integration.

Returns:

• (Types::CreateIntegrationOutput) —

  Returns a response object which responds to the following methods:

  • #integration_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1569

def create_integration(params = {}, options = {})
  req = build_request(:create_integration, params)
  req.send_request(options)
end

#create_membership(params = {}) ⇒ Struct

Creates a new membership, granting a user access to an agent space within an application.

Examples:

Request syntax with placeholder values

resp = client.create_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # required, accepts USER
  config: {
    user: {
      role: "MEMBER", # accepts MEMBER
    },
  },
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application that contains the agent space.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to grant access to.

• :membership_id (required, String) —

  The unique identifier for the membership.

• :member_type (required, String) —

  The type of member. Currently, only USER is supported.

• :config (Types::MembershipConfig) —

  The configuration for the membership, such as the user role.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1613

def create_membership(params = {}, options = {})
  req = build_request(:create_membership, params)
  req.send_request(options)
end

#create_pentest(params = {}) ⇒ Types::CreatePentestOutput

Creates a new pentest configuration in an agent space. A pentest defines the security test parameters, including target assets, risk type exclusions, and logging configuration.

Examples:

Request syntax with placeholder values

resp = client.create_pentest({
  title: "String", # required
  agent_space_id: "String", # required
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure

resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :title (required, String) —

  The title of the pentest.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to create the pentest in.

• :assets (Types::Assets) —

  The assets to include in the pentest, such as endpoints, actors, documents, and source code.

• :exclude_risk_types (Array<String>) —

  The list of risk types to exclude from the pentest.

• :service_role (String) —

  The IAM service role to use for the pentest.

• :log_config (Types::CloudWatchLog) —

  The CloudWatch Logs configuration for the pentest.

• :vpc_config (Types::VpcConfig) —

  The VPC configuration for the pentest.

• :network_traffic_config (Types::NetworkTrafficConfig) —

  The network traffic configuration for the pentest, including custom headers and traffic rules.

• :code_remediation_strategy (String) —

  The code remediation strategy for the pentest. Valid values are AUTOMATIC and DISABLED.

Returns:

• (Types::CreatePentestOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #exclude_risk_types => Array<String>
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1767

def create_pentest(params = {}, options = {})
  req = build_request(:create_pentest, params)
  req.send_request(options)
end

#create_target_domain(params = {}) ⇒ Types::CreateTargetDomainOutput

Creates a new target domain for penetration testing. A target domain is a web domain that must be registered and verified before it can be tested.

Examples:

Request syntax with placeholder values

resp = client.create_target_domain({
  target_domain_name: "String", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_name (required, String) —

  The domain name to register as a target domain.

• :verification_method (required, String) —

  The method to use for verifying domain ownership. Valid values are DNS_TXT, HTTP_ROUTE, and PRIVATE_VPC.

• :tags (Hash<String,String>) —

  The tags to associate with the target domain.

Returns:

• (Types::CreateTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String
  • #domain_name => String
  • #verification_status => String
  • #verification_status_reason => String
  • #verification_details => Types::VerificationDetails
  • #created_at => Time
  • #verified_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1825

def create_target_domain(params = {}, options = {})
  req = build_request(:create_target_domain, params)
  req.send_request(options)
end

#delete_agent_space(params = {}) ⇒ Types::DeleteAgentSpaceOutput

Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.

Examples:

Request syntax with placeholder values

resp = client.delete_agent_space({
  agent_space_id: "AgentSpaceId", # required
})

Response structure

resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to delete.

Returns:

• (Types::DeleteAgentSpaceOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1854

def delete_agent_space(params = {}, options = {})
  req = build_request(:delete_agent_space, params)
  req.send_request(options)
end

#delete_application(params = {}) ⇒ Struct

Deletes an application and its associated configuration, including IAM Identity Center settings.

Examples:

Request syntax with placeholder values

resp = client.delete_application({
  application_id: "ApplicationId", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1877

def delete_application(params = {}, options = {})
  req = build_request(:delete_application, params)
  req.send_request(options)
end

#delete_artifact(params = {}) ⇒ Struct

Deletes an artifact from an agent space.

Examples:

Request syntax with placeholder values

resp = client.delete_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the artifact.

• :artifact_id (required, String) —

  The unique identifier of the artifact to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1903

def delete_artifact(params = {}, options = {})
  req = build_request(:delete_artifact, params)
  req.send_request(options)
end

#delete_integration(params = {}) ⇒ Struct

Deletes an integration with a third-party provider.

Examples:

Request syntax with placeholder values

resp = client.delete_integration({
  integration_id: "IntegrationId", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :integration_id (required, String) —

  The unique identifier of the integration to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1925

def delete_integration(params = {}, options = {})
  req = build_request(:delete_integration, params)
  req.send_request(options)
end

#delete_membership(params = {}) ⇒ Struct

Deletes a membership, revoking a user's access to an agent space.

Examples:

Request syntax with placeholder values

resp = client.delete_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # accepts USER
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application that contains the agent space.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to revoke access from.

• :membership_id (required, String) —

  The unique identifier of the membership to delete.

• :member_type (String) —

  The type of member to remove.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1960

def delete_membership(params = {}, options = {})
  req = build_request(:delete_membership, params)
  req.send_request(options)
end

#delete_target_domain(params = {}) ⇒ Types::DeleteTargetDomainOutput

Deletes a target domain registration. After deletion, the domain can no longer be used for penetration testing.

Examples:

Request syntax with placeholder values

resp = client.delete_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure

resp.target_domain_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_id (required, String) —

  The unique identifier of the target domain to delete.

Returns:

• (Types::DeleteTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1989

def delete_target_domain(params = {}, options = {})
  req = build_request(:delete_target_domain, params)
  req.send_request(options)
end

#get_application(params = {}) ⇒ Types::GetApplicationResponse

Retrieves information about an application.

Examples:

Request syntax with placeholder values

resp = client.get_application({
  application_id: "ApplicationId", # required
})

Response structure

resp.application_id #=> String
resp.domain #=> String
resp.application_name #=> String
resp.idc_configuration.idc_application_arn #=> String
resp.idc_configuration.idc_instance_arn #=> String
resp.role_arn #=> String
resp.default_kms_key_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application to retrieve.

Returns:

• (Types::GetApplicationResponse) —

  Returns a response object which responds to the following methods:

  • #application_id => String
  • #domain => String
  • #application_name => String
  • #idc_configuration => Types::IdCConfiguration
  • #role_arn => String
  • #default_kms_key_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2028

def get_application(params = {}, options = {})
  req = build_request(:get_application, params)
  req.send_request(options)
end

#get_artifact(params = {}) ⇒ Types::GetArtifactOutput

Retrieves an artifact from an agent space.

Examples:

Request syntax with placeholder values

resp = client.get_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Response structure

resp.agent_space_id #=> String
resp.artifact_id #=> String
resp.artifact.contents #=> String
resp.artifact.type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.file_name #=> String
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the artifact.

• :artifact_id (required, String) —

  The unique identifier of the artifact to retrieve.

Returns:

• (Types::GetArtifactOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String
  • #artifact_id => String
  • #artifact => Types::Artifact
  • #file_name => String
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2069

def get_artifact(params = {}, options = {})
  req = build_request(:get_artifact, params)
  req.send_request(options)
end

#get_integration(params = {}) ⇒ Types::GetIntegrationOutput

Retrieves information about an integration.

Examples:

Request syntax with placeholder values

resp = client.get_integration({
  integration_id: "IntegrationId", # required
})

Response structure

resp.integration_id #=> String
resp.installation_id #=> String
resp.provider #=> String, one of "GITHUB"
resp.provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.display_name #=> String
resp.kms_key_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :integration_id (required, String) —

  The unique identifier of the integration to retrieve.

Returns:

• (Types::GetIntegrationOutput) —

  Returns a response object which responds to the following methods:

  • #integration_id => String
  • #installation_id => String
  • #provider => String
  • #provider_type => String
  • #display_name => String
  • #kms_key_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2107

def get_integration(params = {}, options = {})
  req = build_request(:get_integration, params)
  req.send_request(options)
end

#initiate_provider_registration(params = {}) ⇒ Types::InitiateProviderRegistrationOutput

Initiates the OAuth registration flow with a third-party provider. Returns a redirect URL and CSRF state token for completing the authorization.

Examples:

Request syntax with placeholder values

resp = client.initiate_provider_registration({
  provider: "GITHUB", # required, accepts GITHUB
})

Response structure

resp.redirect_to #=> String
resp.csrf_state #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :provider (required, String) —

  The provider to initiate registration with. Currently, only GITHUB is supported.

Returns:

• (Types::InitiateProviderRegistrationOutput) —

  Returns a response object which responds to the following methods:

  • #redirect_to => String
  • #csrf_state => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2140

def initiate_provider_registration(params = {}, options = {})
  req = build_request(:initiate_provider_registration, params)
  req.send_request(options)
end

#list_agent_spaces(params = {}) ⇒ Types::ListAgentSpacesOutput

Returns a paginated list of agent space summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_agent_spaces({
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.agent_space_summaries #=> Array
resp.agent_space_summaries[0].agent_space_id #=> String
resp.agent_space_summaries[0].name #=> String
resp.agent_space_summaries[0].created_at #=> Time
resp.agent_space_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListAgentSpacesOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_summaries => Array<Types::AgentSpaceSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2183

def list_agent_spaces(params = {}, options = {})
  req = build_request(:list_agent_spaces, params)
  req.send_request(options)
end

#list_applications(params = {}) ⇒ Types::ListApplicationsResponse

Returns a paginated list of application summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_applications({
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.application_summaries #=> Array
resp.application_summaries[0].application_id #=> String
resp.application_summaries[0].application_name #=> String
resp.application_summaries[0].domain #=> String
resp.application_summaries[0].default_kms_key_id #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListApplicationsResponse) —

  Returns a response object which responds to the following methods:

  • #application_summaries => Array<Types::ApplicationSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2226

def list_applications(params = {}, options = {})
  req = build_request(:list_applications, params)
  req.send_request(options)
end

#list_artifacts(params = {}) ⇒ Types::ListArtifactsOutput

Returns a paginated list of artifact summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_artifacts({
  agent_space_id: "AgentSpaceId", # required
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.artifact_summaries #=> Array
resp.artifact_summaries[0].artifact_id #=> String
resp.artifact_summaries[0].file_name #=> String
resp.artifact_summaries[0].artifact_type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list artifacts for.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListArtifactsOutput) —

  Returns a response object which responds to the following methods:

  • #artifact_summaries => Array<Types::ArtifactSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2273

def list_artifacts(params = {}, options = {})
  req = build_request(:list_artifacts, params)
  req.send_request(options)
end

#list_code_review_job_tasks(params = {}) ⇒ Types::ListCodeReviewJobTasksOutput

Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_code_review_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  code_review_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
  category_name: "String",
  next_token: "NextToken",
})

Response structure

resp.code_review_job_task_summaries #=> Array
resp.code_review_job_task_summaries[0].task_id #=> String
resp.code_review_job_task_summaries[0].code_review_id #=> String
resp.code_review_job_task_summaries[0].code_review_job_id #=> String
resp.code_review_job_task_summaries[0].agent_space_id #=> String
resp.code_review_job_task_summaries[0].title #=> String
resp.code_review_job_task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_task_summaries[0].created_at #=> Time
resp.code_review_job_task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :code_review_job_id (String) —

  The unique identifier of the code review job to list tasks for.

• :step_name (String) —

  Filter tasks by step name.

• :category_name (String) —

  Filter tasks by category name.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListCodeReviewJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_job_task_summaries => Array<Types::CodeReviewJobTaskSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2338

def list_code_review_job_tasks(params = {}, options = {})
  req = build_request(:list_code_review_job_tasks, params)
  req.send_request(options)
end

#list_code_review_jobs_for_code_review(params = {}) ⇒ Types::ListCodeReviewJobsForCodeReviewOutput

Returns a paginated list of code review job summaries for the specified code review configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_code_review_jobs_for_code_review({
  max_results: 1,
  code_review_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure

resp.code_review_job_summaries #=> Array
resp.code_review_job_summaries[0].code_review_job_id #=> String
resp.code_review_job_summaries[0].code_review_id #=> String
resp.code_review_job_summaries[0].title #=> String
resp.code_review_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_job_summaries[0].created_at #=> Time
resp.code_review_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :code_review_id (required, String) —

  The unique identifier of the code review to list jobs for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListCodeReviewJobsForCodeReviewOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_job_summaries => Array<Types::CodeReviewJobSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2392

def list_code_review_jobs_for_code_review(params = {}, options = {})
  req = build_request(:list_code_review_jobs_for_code_review, params)
  req.send_request(options)
end

#list_code_reviews(params = {}) ⇒ Types::ListCodeReviewsOutput

Returns a paginated list of code review summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_code_reviews({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure

resp.code_review_summaries #=> Array
resp.code_review_summaries[0].code_review_id #=> String
resp.code_review_summaries[0].agent_space_id #=> String
resp.code_review_summaries[0].title #=> String
resp.code_review_summaries[0].created_at #=> Time
resp.code_review_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list code reviews for.

Returns:

• (Types::ListCodeReviewsOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_summaries => Array<Types::CodeReviewSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2441

def list_code_reviews(params = {}, options = {})
  req = build_request(:list_code_reviews, params)
  req.send_request(options)
end

#list_discovered_endpoints(params = {}) ⇒ Types::ListDiscoveredEndpointsOutput

Returns a paginated list of endpoints discovered during a pentest job execution.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_discovered_endpoints({
  max_results: 1,
  pentest_job_id: "String", # required
  agent_space_id: "String", # required
  prefix: "String",
  next_token: "NextToken",
})

Response structure

resp.discovered_endpoints #=> Array
resp.discovered_endpoints[0].uri #=> String
resp.discovered_endpoints[0].pentest_job_id #=> String
resp.discovered_endpoints[0].task_id #=> String
resp.discovered_endpoints[0].agent_space_id #=> String
resp.discovered_endpoints[0].evidence #=> String
resp.discovered_endpoints[0].operation #=> String
resp.discovered_endpoints[0].description #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_job_id (required, String) —

  The unique identifier of the pentest job to list discovered endpoints for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :prefix (String) —

  A prefix to filter discovered endpoints by URI.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListDiscoveredEndpointsOutput) —

  Returns a response object which responds to the following methods:

  • #discovered_endpoints => Array<Types::DiscoveredEndpoint>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2501

def list_discovered_endpoints(params = {}, options = {})
  req = build_request(:list_discovered_endpoints, params)
  req.send_request(options)
end

#list_findings(params = {}) ⇒ Types::ListFindingsOutput

Lists the security findings for a pentest job.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_findings({
  max_results: 1,
  pentest_job_id: "String",
  code_review_job_id: "String",
  agent_space_id: "String", # required
  next_token: "NextToken",
  risk_type: "String",
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
  confidence: "FALSE_POSITIVE", # accepts FALSE_POSITIVE, UNCONFIRMED, LOW, MEDIUM, HIGH
  name: "String",
})

Response structure

resp.findings_summaries #=> Array
resp.findings_summaries[0].finding_id #=> String
resp.findings_summaries[0].agent_space_id #=> String
resp.findings_summaries[0].pentest_id #=> String
resp.findings_summaries[0].pentest_job_id #=> String
resp.findings_summaries[0].code_review_id #=> String
resp.findings_summaries[0].code_review_job_id #=> String
resp.findings_summaries[0].name #=> String
resp.findings_summaries[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings_summaries[0].risk_type #=> String
resp.findings_summaries[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings_summaries[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings_summaries[0].created_at #=> Time
resp.findings_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_job_id (String) —

  The unique identifier of the pentest job to list findings for.

• :code_review_job_id (String) —

  The unique identifier of the code review job to list findings for. Mutually exclusive with pentestJobId.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :risk_type (String) —

  Filter findings by risk type.

• :risk_level (String) —

  Filter findings by risk level.

• :status (String) —

  Filter findings by status.

• :confidence (String) —

  Filter findings by confidence level.

• :name (String) —

  Filter findings by name.

Returns:

• (Types::ListFindingsOutput) —

  Returns a response object which responds to the following methods:

  • #findings_summaries => Array<Types::FindingSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2586

def list_findings(params = {}, options = {})
  req = build_request(:list_findings, params)
  req.send_request(options)
end

#list_integrated_resources(params = {}) ⇒ Types::ListIntegratedResourcesOutput

Lists the integrated resources for an agent space, optionally filtered by integration or resource type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId",
  resource_type: "CODE_REPOSITORY", # accepts CODE_REPOSITORY
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.integrated_resource_summaries #=> Array
resp.integrated_resource_summaries[0].integration_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.name #=> String
resp.integrated_resource_summaries[0].resource.github_repository.provider_resource_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.owner #=> String
resp.integrated_resource_summaries[0].resource.github_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
resp.integrated_resource_summaries[0].capabilities.github.leave_comments #=> Boolean
resp.integrated_resource_summaries[0].capabilities.github.remediate_code #=> Boolean
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list integrated resources for.

• :integration_id (String) —

  The unique identifier of the integration to filter by.

• :resource_type (String) —

  The type of resource to filter by.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListIntegratedResourcesOutput) —

  Returns a response object which responds to the following methods:

  • #integrated_resource_summaries => Array<Types::IntegratedResourceSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2646

def list_integrated_resources(params = {}, options = {})
  req = build_request(:list_integrated_resources, params)
  req.send_request(options)
end

#list_integrations(params = {}) ⇒ Types::ListIntegrationsOutput

Lists the integrations in your account, optionally filtered by provider or provider type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_integrations({
  filter: {
    provider: "GITHUB", # accepts GITHUB
    provider_type: "SOURCE_CODE", # accepts SOURCE_CODE, DOCUMENTATION
  },
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.integration_summaries #=> Array
resp.integration_summaries[0].integration_id #=> String
resp.integration_summaries[0].installation_id #=> String
resp.integration_summaries[0].provider #=> String, one of "GITHUB"
resp.integration_summaries[0].provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.integration_summaries[0].display_name #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :filter (Types::IntegrationFilter) —

  A filter to apply to the list of integrations.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListIntegrationsOutput) —

  Returns a response object which responds to the following methods:

  • #integration_summaries => Array<Types::IntegrationSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2698

def list_integrations(params = {}, options = {})
  req = build_request(:list_integrations, params)
  req.send_request(options)
end

#list_memberships(params = {}) ⇒ Types::ListMembershipsResponse

Returns a paginated list of membership summaries for the specified agent space within an application.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_memberships({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  member_type: "USER", # accepts USER, ALL
  max_results: 1,
  next_token: "NextToken",
})

Response structure

resp.membership_summaries #=> Array
resp.membership_summaries[0].membership_id #=> String
resp.membership_summaries[0].application_id #=> String
resp.membership_summaries[0].agent_space_id #=> String
resp.membership_summaries[0].member_type #=> String, one of "USER"
resp.membership_summaries[0].config.user.role #=> String, one of "MEMBER"
resp.membership_summaries[0].metadata.user.username #=> String
resp.membership_summaries[0].metadata.user.email #=> String
resp.membership_summaries[0].created_at #=> Time
resp.membership_summaries[0].updated_at #=> Time
resp.membership_summaries[0].created_by #=> String
resp.membership_summaries[0].updated_by #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application that contains the agent space.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list memberships for.

• :member_type (String) —

  Filter memberships by member type.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListMembershipsResponse) —

  Returns a response object which responds to the following methods:

  • #membership_summaries => Array<Types::MembershipSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2762

def list_memberships(params = {}, options = {})
  req = build_request(:list_memberships, params)
  req.send_request(options)
end

#list_pentest_job_tasks(params = {}) ⇒ Types::ListPentestJobTasksOutput

Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_pentest_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  pentest_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
  category_name: "String",
  next_token: "NextToken",
})

Response structure

resp.task_summaries #=> Array
resp.task_summaries[0].task_id #=> String
resp.task_summaries[0].pentest_id #=> String
resp.task_summaries[0].pentest_job_id #=> String
resp.task_summaries[0].agent_space_id #=> String
resp.task_summaries[0].title #=> String
resp.task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.task_summaries[0].created_at #=> Time
resp.task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_job_id (String) —

  The unique identifier of the pentest job to list tasks for.

• :step_name (String) —

  Filter tasks by step name. Valid values include PREFLIGHT, STATIC_ANALYSIS, PENTEST, and FINALIZING.

• :category_name (String) —

  Filter tasks by category name.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListPentestJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #task_summaries => Array<Types::TaskSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2828

def list_pentest_job_tasks(params = {}, options = {})
  req = build_request(:list_pentest_job_tasks, params)
  req.send_request(options)
end

#list_pentest_jobs_for_pentest(params = {}) ⇒ Types::ListPentestJobsForPentestOutput

Returns a paginated list of pentest job summaries for the specified pentest configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_pentest_jobs_for_pentest({
  max_results: 1,
  pentest_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure

resp.pentest_job_summaries #=> Array
resp.pentest_job_summaries[0].pentest_job_id #=> String
resp.pentest_job_summaries[0].pentest_id #=> String
resp.pentest_job_summaries[0].title #=> String
resp.pentest_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_job_summaries[0].created_at #=> Time
resp.pentest_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_id (required, String) —

  The unique identifier of the pentest to list jobs for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListPentestJobsForPentestOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_job_summaries => Array<Types::PentestJobSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2882

def list_pentest_jobs_for_pentest(params = {}, options = {})
  req = build_request(:list_pentest_jobs_for_pentest, params)
  req.send_request(options)
end

#list_pentests(params = {}) ⇒ Types::ListPentestsOutput

Returns a paginated list of pentest summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_pentests({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure

resp.pentest_summaries #=> Array
resp.pentest_summaries[0].pentest_id #=> String
resp.pentest_summaries[0].agent_space_id #=> String
resp.pentest_summaries[0].title #=> String
resp.pentest_summaries[0].created_at #=> Time
resp.pentest_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list pentests for.

Returns:

• (Types::ListPentestsOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_summaries => Array<Types::PentestSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2931

def list_pentests(params = {}, options = {})
  req = build_request(:list_pentests, params)
  req.send_request(options)
end

#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceOutput

Returns the tags associated with the specified resource.

Examples:

Request syntax with placeholder values

resp = client.list_tags_for_resource({
  resource_arn: "ResourceArn", # required
})

Response structure

resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource to list tags for.

Returns:

• (Types::ListTagsForResourceOutput) —

  Returns a response object which responds to the following methods:

  • #tags => Hash<String,String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2960

def list_tags_for_resource(params = {}, options = {})
  req = build_request(:list_tags_for_resource, params)
  req.send_request(options)
end

#list_target_domains(params = {}) ⇒ Types::ListTargetDomainsOutput

Returns a paginated list of target domain summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_target_domains({
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.target_domain_summaries #=> Array
resp.target_domain_summaries[0].target_domain_id #=> String
resp.target_domain_summaries[0].domain_name #=> String
resp.target_domain_summaries[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListTargetDomainsOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_summaries => Array<Types::TargetDomainSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3002

def list_target_domains(params = {}, options = {})
  req = build_request(:list_target_domains, params)
  req.send_request(options)
end

#start_code_remediation(params = {}) ⇒ Struct

Initiates code remediation for one or more security findings. This creates pull requests in integrated repositories to fix the identified vulnerabilities.

Examples:

Request syntax with placeholder values

resp = client.start_code_remediation({
  agent_space_id: "String", # required
  pentest_job_id: "String",
  code_review_job_id: "String",
  finding_ids: ["String"], # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :pentest_job_id (String) —

  The unique identifier of the pentest job that produced the findings. Mutually exclusive with codeReviewJobId.

• :code_review_job_id (String) —

  The unique identifier of the code review job that produced the findings. Mutually exclusive with pentestJobId.

• :finding_ids (required, Array<String>) —

  The list of finding identifiers to initiate code remediation for.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3040

def start_code_remediation(params = {}, options = {})
  req = build_request(:start_code_remediation, params)
  req.send_request(options)
end

#start_code_review_job(params = {}) ⇒ Types::StartCodeReviewJobOutput

Starts a new code review job for a code review configuration. The job executes the security-focused code analysis defined in the code review.

Examples:

Request syntax with placeholder values

resp = client.start_code_review_job({
  agent_space_id: "String", # required
  code_review_id: "String", # required
})

Response structure

resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.code_review_id #=> String
resp.code_review_job_id #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :code_review_id (required, String) —

  The unique identifier of the code review to start a job for.

Returns:

• (Types::StartCodeReviewJobOutput) —

  Returns a response object which responds to the following methods:

  • #title => String
  • #status => String
  • #created_at => Time
  • #updated_at => Time
  • #code_review_id => String
  • #code_review_job_id => String
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3086

def start_code_review_job(params = {}, options = {})
  req = build_request(:start_code_review_job, params)
  req.send_request(options)
end

#start_pentest_job(params = {}) ⇒ Types::StartPentestJobOutput

Starts a new pentest job for a pentest configuration. The job executes the security tests defined in the pentest.

Examples:

Request syntax with placeholder values

resp = client.start_pentest_job({
  agent_space_id: "String", # required
  pentest_id: "String", # required
})

Response structure

resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.pentest_id #=> String
resp.pentest_job_id #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :pentest_id (required, String) —

  The unique identifier of the pentest to start a job for.

Returns:

• (Types::StartPentestJobOutput) —

  Returns a response object which responds to the following methods:

  • #title => String
  • #status => String
  • #created_at => Time
  • #updated_at => Time
  • #pentest_id => String
  • #pentest_job_id => String
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3131

def start_pentest_job(params = {}, options = {})
  req = build_request(:start_pentest_job, params)
  req.send_request(options)
end

#stop_code_review_job(params = {}) ⇒ Struct

Stops a running code review job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values

resp = client.stop_code_review_job({
  agent_space_id: "String", # required
  code_review_job_id: "String", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :code_review_job_id (required, String) —

  The unique identifier of the code review job to stop.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3158

def stop_code_review_job(params = {}, options = {})
  req = build_request(:stop_code_review_job, params)
  req.send_request(options)
end

#stop_pentest_job(params = {}) ⇒ Struct

Stops a running pentest job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values

resp = client.stop_pentest_job({
  agent_space_id: "String", # required
  pentest_job_id: "String", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :pentest_job_id (required, String) —

  The unique identifier of the pentest job to stop.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3185

def stop_pentest_job(params = {}, options = {})
  req = build_request(:stop_pentest_job, params)
  req.send_request(options)
end

#tag_resource(params = {}) ⇒ Struct

Adds tags to a resource.

Examples:

Request syntax with placeholder values

resp = client.tag_resource({
  resource_arn: "ResourceArn", # required
  tags: { # required
    "TagKey" => "TagValue",
  },
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource to tag.

• :tags (required, Hash<String,String>) —

  The tags to add to the resource.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3213

def tag_resource(params = {}, options = {})
  req = build_request(:tag_resource, params)
  req.send_request(options)
end

#untag_resource(params = {}) ⇒ Struct

Removes tags from a resource.

Examples:

Request syntax with placeholder values

resp = client.untag_resource({
  resource_arn: "ResourceArn", # required
  tag_keys: ["TagKey"], # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource to remove tags from.

• :tag_keys (required, Array<String>) —

  The list of tag keys to remove from the resource.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3239

def untag_resource(params = {}, options = {})
  req = build_request(:untag_resource, params)
  req.send_request(options)
end

#update_agent_space(params = {}) ⇒ Types::UpdateAgentSpaceOutput

Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.

Examples:

Request syntax with placeholder values

resp = client.update_agent_space({
  agent_space_id: "AgentSpaceId", # required
  name: "AgentName",
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
})

Response structure

resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to update.

• :name (String) —

  The updated name of the agent space.

• :description (String) —

  The updated description of the agent space.

• :aws_resources (Types::AWSResources) —

  The updated AWS resources to associate with the agent space.

• :target_domain_ids (Array<String>) —

  The updated list of target domain identifiers to associate with the agent space.

• :code_review_settings (Types::CodeReviewSettings) —

  The updated code review settings for the agent space.

Returns:

• (Types::UpdateAgentSpaceOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String
  • #name => String
  • #description => String
  • #aws_resources => Types::AWSResources
  • #target_domain_ids => Array<String>
  • #code_review_settings => Types::CodeReviewSettings
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3337

def update_agent_space(params = {}, options = {})
  req = build_request(:update_agent_space, params)
  req.send_request(options)
end

#update_application(params = {}) ⇒ Types::UpdateApplicationResponse

Updates the configuration of an existing application, including the IAM role and default KMS key.

Examples:

Request syntax with placeholder values

resp = client.update_application({
  application_id: "ApplicationId", # required
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
})

Response structure

resp.application_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application to update.

• :role_arn (String) —

  The updated Amazon Resource Name (ARN) of the IAM role for the application.

• :default_kms_key_id (String) —

  The updated identifier of the default AWS KMS key for the application.

Returns:

• (Types::UpdateApplicationResponse) —

  Returns a response object which responds to the following methods:

  • #application_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3375

def update_application(params = {}, options = {})
  req = build_request(:update_application, params)
  req.send_request(options)
end

#update_code_review(params = {}) ⇒ Types::UpdateCodeReviewOutput

Updates an existing code review configuration.

Examples:

Request syntax with placeholder values

resp = client.update_code_review({
  code_review_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure

resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_id (required, String) —

  The unique identifier of the code review to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code review.

• :title (String) —

  The updated title of the code review.

• :assets (Types::Assets) —

  The updated assets for the code review.

• :service_role (String) —

  The updated IAM service role for the code review.

• :log_config (Types::CloudWatchLog) —

  The updated CloudWatch Logs configuration for the code review.

• :code_remediation_strategy (String) —

  The updated code remediation strategy for the code review.

Returns:

• (Types::UpdateCodeReviewOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String
  • #code_remediation_strategy => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3498

def update_code_review(params = {}, options = {})
  req = build_request(:update_code_review, params)
  req.send_request(options)
end

#update_finding(params = {}) ⇒ Struct

Updates the status or risk level of a security finding.

Examples:

Request syntax with placeholder values

resp = client.update_finding({
  finding_id: "String", # required
  agent_space_id: "String", # required
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :finding_id (required, String) —

  The unique identifier of the finding to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the finding.

• :risk_level (String) —

  The updated risk level for the finding.

• :status (String) —

  The updated status for the finding.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3532

def update_finding(params = {}, options = {})
  req = build_request(:update_finding, params)
  req.send_request(options)
end

#update_integrated_resources(params = {}) ⇒ Struct

Updates the integrated resources for an agent space, including their capabilities.

Examples:

Request syntax with placeholder values

resp = client.update_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId", # required
  items: [ # required
    {
      resource: { # required
        github_repository: {
          name: "ProviderResourceName", # required
          owner: "GitHubOwner", # required
        },
      },
      capabilities: {
        github: {
          leave_comments: false,
          remediate_code: false,
        },
      },
    },
  ],
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :integration_id (required, String) —

  The unique identifier of the integration.

• :items (required, Array<Types::IntegratedResourceInputItem>) —

  The list of integrated resource items to update.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3578

def update_integrated_resources(params = {}, options = {})
  req = build_request(:update_integrated_resources, params)
  req.send_request(options)
end

#update_pentest(params = {}) ⇒ Types::UpdatePentestOutput

Updates an existing pentest configuration.

Examples:

Request syntax with placeholder values

resp = client.update_pentest({
  pentest_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure

resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_id (required, String) —

  The unique identifier of the pentest to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentest.

• :title (String) —

  The updated title of the pentest.

• :assets (Types::Assets) —

  The updated assets for the pentest.

• :exclude_risk_types (Array<String>) —

  The updated list of risk types to exclude from the pentest.

• :service_role (String) —

  The updated IAM service role for the pentest.

• :log_config (Types::CloudWatchLog) —

  The updated CloudWatch Logs configuration for the pentest.

• :vpc_config (Types::VpcConfig) —

  The updated VPC configuration for the pentest.

• :network_traffic_config (Types::NetworkTrafficConfig) —

  The updated network traffic configuration for the pentest.

• :code_remediation_strategy (String) —

  The updated code remediation strategy for the pentest.

Returns:

• (Types::UpdatePentestOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #exclude_risk_types => Array<String>
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3731

def update_pentest(params = {}, options = {})
  req = build_request(:update_pentest, params)
  req.send_request(options)
end

#update_target_domain(params = {}) ⇒ Types::UpdateTargetDomainOutput

Updates the verification method for a target domain.

Examples:

Request syntax with placeholder values

resp = client.update_target_domain({
  target_domain_id: "TargetDomainId", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
})

Response structure

resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_id (required, String) —

  The unique identifier of the target domain to update.

• :verification_method (required, String) —

  The updated verification method for the target domain.

Returns:

• (Types::UpdateTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String
  • #domain_name => String
  • #verification_status => String
  • #verification_status_reason => String
  • #verification_details => Types::VerificationDetails
  • #created_at => Time
  • #verified_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3780

def update_target_domain(params = {}, options = {})
  req = build_request(:update_target_domain, params)
  req.send_request(options)
end

#verify_target_domain(params = {}) ⇒ Types::VerifyTargetDomainOutput

Initiates verification of a target domain. This checks whether the domain ownership verification token has been properly configured.

Examples:

Request syntax with placeholder values

resp = client.verify_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure

resp.target_domain_id #=> String
resp.domain_name #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.verified_at #=> Time
resp.status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_id (required, String) —

  The unique identifier of the target domain to verify.

Returns:

• (Types::VerifyTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String
  • #domain_name => String
  • #created_at => Time
  • #updated_at => Time
  • #verified_at => Time
  • #status => String
  • #verification_status_reason => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3821

def verify_target_domain(params = {}, options = {})
  req = build_request(:verify_target_domain, params)
  req.send_request(options)
end