CreateThreat
Creates a new threat under a threat model job.
Request Syntax
POST /CreateThreat HTTP/1.1
Content-type: application/json
{
"agentSpaceId": "string",
"anchor": {
"id": "string",
"kind": "string",
"packageId": "string"
},
"comments": "string",
"evidence": [
{
"packageId": "string",
"path": "string"
}
],
"impactedAssets": [ "string" ],
"impactedGoal": [ "string" ],
"prerequisites": "string",
"recommendation": "string",
"severity": "string",
"statement": "string",
"stride": [ "string" ],
"threatAction": "string",
"threatImpact": "string",
"threatJobId": "string",
"threatSource": "string",
"title": "string"
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- agentSpaceId
-
The unique identifier of the agent space.
Type: String
Required: Yes
- anchor
-
The DFD element this threat is anchored to.
Type: ThreatAnchorShape object
Required: No
- comments
-
Optional customer comment on the threat.
Type: String
Required: No
- evidence
-
The source code files supporting the threat.
Type: Array of ThreatEvidenceShape objects
Required: No
- impactedAssets
-
The specific assets affected by the threat.
Type: Array of strings
Required: No
- impactedGoal
-
The security goals affected by the threat.
Type: Array of strings
Required: No
- prerequisites
-
The conditions required for the threat to be exploitable.
Type: String
Required: No
- recommendation
-
The recommended mitigation guidance for this threat.
Type: String
Required: No
- severity
-
The severity level of the threat.
Type: String
Valid Values:
CRITICAL | HIGH | MEDIUM | LOW | INFORequired: No
- statement
-
The natural-language threat statement.
Type: String
Required: No
- stride
-
The STRIDE categories applicable to this threat.
Type: Array of strings
Valid Values:
SPOOFING | TAMPERING | REPUDIATION | INFORMATION_DISCLOSURE | DENIAL_OF_SERVICE | ELEVATION_OF_PRIVILEGERequired: No
- threatAction
-
What the threat source can do.
Type: String
Required: No
- threatImpact
-
The direct consequence of the threat action.
Type: String
Required: No
- threatJobId
-
The unique identifier of the threat model job the threat belongs to.
Type: String
Required: Yes
- threatSource
-
The actor or origin of the threat.
Type: String
Required: No
- title
-
A short title summarizing the threat.
Type: String
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"anchor": {
"id": "string",
"kind": "string",
"packageId": "string"
},
"comments": "string",
"createdAt": "string",
"createdBy": "string",
"evidence": [
{
"packageId": "string",
"path": "string"
}
],
"impactedAssets": [ "string" ],
"impactedGoal": [ "string" ],
"prerequisites": "string",
"recommendation": "string",
"severity": "string",
"statement": "string",
"status": "string",
"stride": [ "string" ],
"threatAction": "string",
"threatId": "string",
"threatImpact": "string",
"threatJobId": "string",
"threatSource": "string",
"title": "string",
"updatedAt": "string",
"updatedBy": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- anchor
-
The DFD element this threat is anchored to.
Type: ThreatAnchorShape object
- comments
-
Optional customer comment on the threat.
Type: String
- createdAt
-
The date and time the threat was created, in UTC format.
Type: Timestamp
- createdBy
-
Who created this threat.
Type: String
Valid Values:
CUSTOMER | AGENT - evidence
-
The source code files supporting the threat.
Type: Array of ThreatEvidenceShape objects
- impactedAssets
-
The specific assets affected by the threat.
Type: Array of strings
- impactedGoal
-
The security goals affected by the threat.
Type: Array of strings
- prerequisites
-
The conditions required for the threat to be exploitable.
Type: String
- recommendation
-
The recommended mitigation guidance for this threat.
Type: String
- severity
-
The severity level of the threat.
Type: String
Valid Values:
CRITICAL | HIGH | MEDIUM | LOW | INFO - statement
-
The natural-language threat statement.
Type: String
- status
-
The current status of the threat.
Type: String
Valid Values:
OPEN | RESOLVED | DISMISSED - stride
-
The STRIDE categories applicable to this threat.
Type: Array of strings
Valid Values:
SPOOFING | TAMPERING | REPUDIATION | INFORMATION_DISCLOSURE | DENIAL_OF_SERVICE | ELEVATION_OF_PRIVILEGE - threatAction
-
What the threat source can do.
Type: String
- threatId
-
The unique identifier of the created threat.
Type: String
- threatImpact
-
The direct consequence of the threat action.
Type: String
- threatJobId
-
The unique identifier of the threat model job the threat belongs to.
Type: String
- threatSource
-
The actor or origin of the threat.
Type: String
- title
-
A short title summarizing the threat.
Type: String
- updatedAt
-
The date and time the threat was last updated, in UTC format.
Type: Timestamp
- updatedBy
-
Who last updated this threat.
Type: String
Valid Values:
CUSTOMER | AGENT
Errors
For information about the errors that are common to all actions, see Common Error Types.
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: