# Pentest
<a name="API_Pentest"></a>

Represents a pentest configuration that defines the parameters for security testing, including target assets, risk type exclusions, and infrastructure settings.

## Contents
<a name="API_Pentest_Contents"></a>

 ** agentSpaceId **   <a name="securityagent-Type-Pentest-agentSpaceId"></a>
The unique identifier of the agent space that contains the pentest.  
Type: String  
Required: Yes

 ** assets **   <a name="securityagent-Type-Pentest-assets"></a>
The assets included in the pentest.  
Type: [Assets](API_Assets.md) object  
Required: Yes

 ** pentestId **   <a name="securityagent-Type-Pentest-pentestId"></a>
The unique identifier of the pentest.  
Type: String  
Required: Yes

 ** title **   <a name="securityagent-Type-Pentest-title"></a>
The title of the pentest.  
Type: String  
Required: Yes

 ** codeRemediationStrategy **   <a name="securityagent-Type-Pentest-codeRemediationStrategy"></a>
The code remediation strategy for the pentest.  
Type: String  
Valid Values: `AUTOMATIC | DISABLED`   
Required: No

 ** createdAt **   <a name="securityagent-Type-Pentest-createdAt"></a>
The date and time the pentest was created, in UTC format.  
Type: Timestamp  
Required: No

 ** excludeRiskTypes **   <a name="securityagent-Type-Pentest-excludeRiskTypes"></a>
The list of risk types excluded from the pentest.  
Type: Array of strings  
Valid Values: `CROSS_SITE_SCRIPTING | DEFAULT_CREDENTIALS | INSECURE_DIRECT_OBJECT_REFERENCE | PRIVILEGE_ESCALATION | SERVER_SIDE_TEMPLATE_INJECTION | COMMAND_INJECTION | CODE_INJECTION | SQL_INJECTION | ARBITRARY_FILE_UPLOAD | INSECURE_DESERIALIZATION | LOCAL_FILE_INCLUSION | INFORMATION_DISCLOSURE | PATH_TRAVERSAL | SERVER_SIDE_REQUEST_FORGERY | JSON_WEB_TOKEN_VULNERABILITIES | XML_EXTERNAL_ENTITY | FILE_DELETION | OTHER | GRAPHQL_VULNERABILITIES | BUSINESS_LOGIC_VULNERABILITIES | CRYPTOGRAPHIC_VULNERABILITIES | DENIAL_OF_SERVICE | FILE_ACCESS | FILE_CREATION | DATABASE_MODIFICATION | DATABASE_ACCESS | OUTBOUND_SERVICE_REQUEST | UNKNOWN`   
Required: No

 ** logConfig **   <a name="securityagent-Type-Pentest-logConfig"></a>
The CloudWatch Logs configuration for the pentest.  
Type: [CloudWatchLog](API_CloudWatchLog.md) object  
Required: No

 ** networkTrafficConfig **   <a name="securityagent-Type-Pentest-networkTrafficConfig"></a>
The network traffic configuration for the pentest.  
Type: [NetworkTrafficConfig](API_NetworkTrafficConfig.md) object  
Required: No

 ** serviceRole **   <a name="securityagent-Type-Pentest-serviceRole"></a>
The IAM service role used for the pentest.  
Type: String  
Required: No

 ** updatedAt **   <a name="securityagent-Type-Pentest-updatedAt"></a>
The date and time the pentest was last updated, in UTC format.  
Type: Timestamp  
Required: No

 ** vpcConfig **   <a name="securityagent-Type-Pentest-vpcConfig"></a>
The VPC configuration for the pentest.  
Type: [VpcConfig](API_VpcConfig.md) object  
Required: No

## See Also
<a name="API_Pentest_SeeAlso"></a>

For more information about using this API in one of the language-specific AWS SDKs, see the following:
+  [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/securityagent-2025-09-06/Pentest) 
+  [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/securityagent-2025-09-06/Pentest) 
+  [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/securityagent-2025-09-06/Pentest)