View a markdown version of this page

CreateThreat - AWS Security Agent

CreateThreat

Creates a new threat under a threat model job.

Request Syntax

POST /CreateThreat HTTP/1.1 Content-type: application/json { "agentSpaceId": "string", "anchor": { "id": "string", "kind": "string", "packageId": "string" }, "comments": "string", "evidence": [ { "packageId": "string", "path": "string" } ], "impactedAssets": [ "string" ], "impactedGoal": [ "string" ], "prerequisites": "string", "recommendation": "string", "severity": "string", "statement": "string", "stride": [ "string" ], "threatAction": "string", "threatImpact": "string", "threatJobId": "string", "threatSource": "string", "title": "string" }

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

agentSpaceId

The unique identifier of the agent space.

Type: String

Required: Yes

anchor

The DFD element this threat is anchored to.

Type: ThreatAnchorShape object

Required: No

comments

Optional customer comment on the threat.

Type: String

Required: No

evidence

The source code files supporting the threat.

Type: Array of ThreatEvidenceShape objects

Required: No

impactedAssets

The specific assets affected by the threat.

Type: Array of strings

Required: No

impactedGoal

The security goals affected by the threat.

Type: Array of strings

Required: No

prerequisites

The conditions required for the threat to be exploitable.

Type: String

Required: No

recommendation

The recommended mitigation guidance for this threat.

Type: String

Required: No

severity

The severity level of the threat.

Type: String

Valid Values: CRITICAL | HIGH | MEDIUM | LOW | INFO

Required: No

statement

The natural-language threat statement.

Type: String

Required: No

stride

The STRIDE categories applicable to this threat.

Type: Array of strings

Valid Values: SPOOFING | TAMPERING | REPUDIATION | INFORMATION_DISCLOSURE | DENIAL_OF_SERVICE | ELEVATION_OF_PRIVILEGE

Required: No

threatAction

What the threat source can do.

Type: String

Required: No

threatImpact

The direct consequence of the threat action.

Type: String

Required: No

threatJobId

The unique identifier of the threat model job the threat belongs to.

Type: String

Required: Yes

threatSource

The actor or origin of the threat.

Type: String

Required: No

title

A short title summarizing the threat.

Type: String

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "anchor": { "id": "string", "kind": "string", "packageId": "string" }, "comments": "string", "createdAt": "string", "createdBy": "string", "evidence": [ { "packageId": "string", "path": "string" } ], "impactedAssets": [ "string" ], "impactedGoal": [ "string" ], "prerequisites": "string", "recommendation": "string", "severity": "string", "statement": "string", "status": "string", "stride": [ "string" ], "threatAction": "string", "threatId": "string", "threatImpact": "string", "threatJobId": "string", "threatSource": "string", "title": "string", "updatedAt": "string", "updatedBy": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

anchor

The DFD element this threat is anchored to.

Type: ThreatAnchorShape object

comments

Optional customer comment on the threat.

Type: String

createdAt

The date and time the threat was created, in UTC format.

Type: Timestamp

createdBy

Who created this threat.

Type: String

Valid Values: CUSTOMER | AGENT

evidence

The source code files supporting the threat.

Type: Array of ThreatEvidenceShape objects

impactedAssets

The specific assets affected by the threat.

Type: Array of strings

impactedGoal

The security goals affected by the threat.

Type: Array of strings

prerequisites

The conditions required for the threat to be exploitable.

Type: String

recommendation

The recommended mitigation guidance for this threat.

Type: String

severity

The severity level of the threat.

Type: String

Valid Values: CRITICAL | HIGH | MEDIUM | LOW | INFO

statement

The natural-language threat statement.

Type: String

status

The current status of the threat.

Type: String

Valid Values: OPEN | RESOLVED | DISMISSED

stride

The STRIDE categories applicable to this threat.

Type: Array of strings

Valid Values: SPOOFING | TAMPERING | REPUDIATION | INFORMATION_DISCLOSURE | DENIAL_OF_SERVICE | ELEVATION_OF_PRIVILEGE

threatAction

What the threat source can do.

Type: String

threatId

The unique identifier of the created threat.

Type: String

threatImpact

The direct consequence of the threat action.

Type: String

threatJobId

The unique identifier of the threat model job the threat belongs to.

Type: String

threatSource

The actor or origin of the threat.

Type: String

title

A short title summarizing the threat.

Type: String

updatedAt

The date and time the threat was last updated, in UTC format.

Type: Timestamp

updatedBy

Who last updated this threat.

Type: String

Valid Values: CUSTOMER | AGENT

Errors

For information about the errors that are common to all actions, see Common Error Types.

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: