Class: Aws::SecurityAgent::Client

Inherits:
Seahorse::Client::Base show all
Includes:
ClientStubs
Defined in:
gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb

Overview

An API client for SecurityAgent. To construct a client, you need to configure a :region and :credentials.

client = Aws::SecurityAgent::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

For details on configuring region and credentials see the developer guide.

See #initialize for a full list of supported configuration options.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations collapse

Instance Method Summary collapse

Methods included from ClientStubs

#api_requests, #stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options) ⇒ Client

Returns a new instance of Client.

Parameters:

  • options (Hash)

Options Hash (options):

  • :plugins (Array<Seahorse::Client::Plugin>) — default: []]

    A list of plugins to apply to the client. Each plugin is either a class name or an instance of a plugin class.

  • :credentials (required, Aws::CredentialProvider)

    Your AWS credentials used for authentication. This can be any class that includes and implements Aws::CredentialProvider, or instance of any one of the following classes:

    • Aws::Credentials - Used for configuring static, non-refreshing credentials.

    • Aws::SharedCredentials - Used for loading static credentials from a shared file, such as ~/.aws/config.

    • Aws::AssumeRoleCredentials - Used when you need to assume a role.

    • Aws::AssumeRoleWebIdentityCredentials - Used when you need to assume a role after providing credentials via the web.

    • Aws::SSOCredentials - Used for loading credentials from AWS SSO using an access token generated from aws login.

    • Aws::ProcessCredentials - Used for loading credentials from a process that outputs to stdout.

    • Aws::InstanceProfileCredentials - Used for loading credentials from an EC2 IMDS on an EC2 instance.

    • Aws::ECSCredentials - Used for loading credentials from instances running in ECS.

    • Aws::CognitoIdentityCredentials - Used for loading credentials from the Cognito Identity service.

    When :credentials are not configured directly, the following locations will be searched for credentials:

    • Aws.config[:credentials]

    • The :access_key_id, :secret_access_key, :session_token, and :account_id options.

    • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'], ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID'].

    • ~/.aws/credentials

    • ~/.aws/config

    • EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive. Construct and pass an instance of Aws::InstanceProfileCredentials or Aws::ECSCredentials to enable retries and extended timeouts. Instance profile credential fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] to true.

  • :region (required, String)

    The AWS region to connect to. The configured :region is used to determine the service :endpoint. When not passed, a default :region is searched for in the following locations:

    • Aws.config[:region]
    • ENV['AWS_REGION']
    • ENV['AMAZON_REGION']
    • ENV['AWS_DEFAULT_REGION']
    • ~/.aws/credentials
    • ~/.aws/config
  • :access_key_id (String)
  • :account_id (String)
  • :active_endpoint_cache (Boolean) — default: false

    When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false.

  • :adaptive_retry_wait_to_fill (Boolean) — default: true

    Used only in adaptive retry mode. When true, the request will sleep until there is sufficent client side capacity to retry the request. When false, the request will raise a RetryCapacityNotAvailableError and will not retry instead of sleeping.

  • :auth_scheme_preference (Array<String>)

    A list of preferred authentication schemes to use when making a request. Supported values are: sigv4, sigv4a, httpBearerAuth, and noAuth. When set using ENV['AWS_AUTH_SCHEME_PREFERENCE'] or in shared config as auth_scheme_preference, the value should be a comma-separated list.

  • :client_side_monitoring (Boolean) — default: false

    When true, client-side metrics will be collected for all API requests from this client.

  • :client_side_monitoring_client_id (String) — default: ""

    Allows you to provide an identifier for this client which will be attached to all generated client side metrics. Defaults to an empty string.

  • :client_side_monitoring_host (String) — default: "127.0.0.1"

    Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_port (Integer) — default: 31000

    Required for publishing client metrics. The port that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) — default: Aws::ClientSideMonitoring::Publisher

    Allows you to provide a custom client-side monitoring publisher class. By default, will use the Client Side Monitoring Agent Publisher.

  • :convert_params (Boolean) — default: true

    When true, an attempt is made to coerce request parameters into the required types.

  • :correct_clock_skew (Boolean) — default: true

    Used only in standard and adaptive retry modes. Specifies whether to apply a clock skew correction and retry requests with skewed client clocks.

  • :defaults_mode (String) — default: "legacy"

    See DefaultsModeConfiguration for a list of the accepted modes and the configuration defaults that are included.

  • :disable_host_prefix_injection (Boolean) — default: false

    When true, the SDK will not prepend the modeled host prefix to the endpoint.

  • :disable_request_compression (Boolean) — default: false

    When set to 'true' the request body will not be compressed for supported operations.

  • :endpoint (String, URI::HTTPS, URI::HTTP)

    Normally you should not configure the :endpoint option directly. This is normally constructed from the :region option. Configuring :endpoint is normally reserved for connecting to test or custom endpoints. The endpoint should be a URI formatted like:

    'http://example.com'
'https://example.com'
'http://example.com:123'
  • :endpoint_cache_max_entries (Integer) — default: 1000

    Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000.

  • :endpoint_cache_max_threads (Integer) — default: 10

    Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.

  • :endpoint_cache_poll_interval (Integer) — default: 60

    When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec.

  • :endpoint_discovery (Boolean) — default: false

    When set to true, endpoint discovery will be enabled for operations when available.

  • :ignore_configured_endpoint_urls (Boolean)

    Setting to true disables use of endpoint URLs provided via environment variables and the shared configuration file.

  • :log_formatter (Aws::Log::Formatter) — default: Aws::Log::Formatter.default

    The log formatter.

  • :log_level (Symbol) — default: :info

    The log level to send messages to the :logger at.

  • :logger (Logger)

    The Logger instance to send log messages to. If this option is not set, logging will be disabled.

  • :max_attempts (Integer) — default: 3

    An integer representing the maximum number attempts that will be made for a single request, including the initial attempt. For example, setting this value to 5 will result in a request being retried up to 4 times. Used in standard and adaptive retry modes.

  • :profile (String) — default: "default"

    Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used.

  • :request_checksum_calculation (String) — default: "when_supported"

    Determines when a checksum will be calculated for request payloads. Values are:

    • when_supported - (default) When set, a checksum will be calculated for all request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true and/or a requestAlgorithmMember is modeled.
    • when_required - When set, a checksum will only be calculated for request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true or where a requestAlgorithmMember is modeled and supplied.
  • :request_min_compression_size_bytes (Integer) — default: 10240

    The minimum size in bytes that triggers compression for request bodies. The value must be non-negative integer value between 0 and 10485780 bytes inclusive.

  • :response_checksum_validation (String) — default: "when_supported"

    Determines when checksum validation will be performed on response payloads. Values are:

    • when_supported - (default) When set, checksum validation is performed on all response payloads of operations modeled with the httpChecksum trait where responseAlgorithms is modeled, except when no modeled checksum algorithms are supported.
    • when_required - When set, checksum validation is not performed on response payloads of operations unless the checksum algorithm is supported and the requestValidationModeMember member is set to ENABLED.
  • :retry_backoff (Proc)

    A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. This option is only used in the legacy retry mode.

  • :retry_base_delay (Float) — default: 0.3

    The base delay in seconds used by the default backoff function. This option is only used in the legacy retry mode.

  • :retry_jitter (Symbol) — default: :none

    A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number. This option is only used in the legacy retry mode.

    @see https://www.awsarchitectureblog.com/2015/03/backoff.html

  • :retry_limit (Integer) — default: 3

    The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors, auth errors, endpoint discovery, and errors from expired credentials. This option is only used in the legacy retry mode.

  • :retry_max_delay (Integer) — default: 0

    The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function. This option is only used in the legacy retry mode.

  • :retry_mode (String) — default: "legacy"

    Specifies which retry algorithm to use. Values are:

    • legacy - The pre-existing retry behavior. This is default value if no retry mode is provided.

    • standard - A standardized set of retry rules across the AWS SDKs. This includes support for retry quotas, which limit the number of unsuccessful retries a client can make.

    • adaptive - An experimental retry mode that includes all the functionality of standard mode along with automatic client side throttling. This is a provisional mode that may change behavior in the future.

  • :sdk_ua_app_id (String)

    A unique and opaque application ID that is appended to the User-Agent header as app/sdk_ua_app_id. It should have a maximum length of 50. This variable is sourced from environment variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.

  • :secret_access_key (String)
  • :session_token (String)
  • :sigv4a_signing_region_set (Array)

    A list of regions that should be signed with SigV4a signing. When not passed, a default :sigv4a_signing_region_set is searched for in the following locations:

    • Aws.config[:sigv4a_signing_region_set]
    • ENV['AWS_SIGV4A_SIGNING_REGION_SET']
    • ~/.aws/config
  • :stub_responses (Boolean) — default: false

    Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

    Please note When response stubbing is enabled, no HTTP requests are made, and retries are disabled.

  • :telemetry_provider (Aws::Telemetry::TelemetryProviderBase) — default: Aws::Telemetry::NoOpTelemetryProvider

    Allows you to provide a telemetry provider, which is used to emit telemetry data. By default, uses NoOpTelemetryProvider which will not record or emit any telemetry data. The SDK supports the following telemetry providers:

    • OpenTelemetry (OTel) - To use the OTel provider, install and require the opentelemetry-sdk gem and then, pass in an instance of a Aws::Telemetry::OTelProvider for telemetry provider.
  • :token_provider (Aws::TokenProvider)

    Your Bearer token used for authentication. This can be any class that includes and implements Aws::TokenProvider, or instance of any one of the following classes:

    • Aws::StaticTokenProvider - Used for configuring static, non-refreshing tokens.

    • Aws::SSOTokenProvider - Used for loading tokens from AWS SSO using an access token generated from aws login.

    When :token_provider is not configured directly, the Aws::TokenProviderChain will be used to search for tokens configured for your profile in shared configuration files.

  • :use_dualstack_endpoint (Boolean)

    When set to true, dualstack enabled endpoints (with .aws TLD) will be used if available.

  • :use_fips_endpoint (Boolean)

    When set to true, fips compatible endpoints will be used if available. When a fips region is used, the region is normalized and this config is set to true.

  • :validate_params (Boolean) — default: true

    When true, request parameters are validated before sending the request.

  • :endpoint_provider (Aws::SecurityAgent::EndpointProvider)

    The endpoint provider used to resolve endpoints. Any object that responds to #resolve_endpoint(parameters) where parameters is a Struct similar to Aws::SecurityAgent::EndpointParameters.

  • :http_continue_timeout (Float) — default: 1

    The number of seconds to wait for a 100-continue response before sending the request body. This option has no effect unless the request has "Expect" header set to "100-continue". Defaults to nil which disables this behaviour. This value can safely be set per request on the session.

  • :http_idle_timeout (Float) — default: 5

    The number of seconds a connection is allowed to sit idle before it is considered stale. Stale connections are closed and removed from the pool before making a request.

  • :http_open_timeout (Float) — default: 15

    The default number of seconds to wait for response data. This value can safely be set per-request on the session.

  • :http_proxy (URI::HTTP, String)

    A proxy to send requests through. Formatted like 'http://proxy.com:123'.

  • :http_read_timeout (Float) — default: 60

    The default number of seconds to wait for response data. This value can safely be set per-request on the session.

  • :http_wire_trace (Boolean) — default: false

    When true, HTTP debug output will be sent to the :logger.

  • :on_chunk_received (Proc)

    When a Proc object is provided, it will be used as callback when each chunk of the response body is received. It provides three arguments: the chunk, the number of bytes received, and the total number of bytes in the response (or nil if the server did not send a content-length).

  • :on_chunk_sent (Proc)

    When a Proc object is provided, it will be used as callback when each chunk of the request body is sent. It provides three arguments: the chunk, the number of bytes read from the body, and the total number of bytes in the body.

  • :raise_response_errors (Boolean) — default: true

    When true, response errors are raised.

  • :ssl_ca_bundle (String)

    Full path to the SSL certificate authority bundle file that should be used when verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

  • :ssl_ca_directory (String)

    Full path of the directory that contains the unbundled SSL certificate authority files for verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

  • :ssl_ca_store (String)

    Sets the X509::Store to verify peer certificate.

  • :ssl_cert (OpenSSL::X509::Certificate)

    Sets a client certificate when creating http connections.

  • :ssl_key (OpenSSL::PKey)

    Sets a client key when creating http connections.

  • :ssl_timeout (Float)

    Sets the SSL timeout in seconds

  • :ssl_verify_peer (Boolean) — default: true

    When true, SSL peer certificates are verified when establishing a connection.



473
474
475
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 473

def initialize(*args)
  super
end

Instance Method Details

#add_artifact(params = {}) ⇒ Types::AddArtifactOutput

Uploads an artifact to an agent space. Artifacts provide additional context for security testing, such as architecture diagrams, API specifications, or configuration files.

Examples:

Request syntax with placeholder values


resp = client.add_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_content: "data", # required
  artifact_type: "TXT", # required, accepts TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, YAML
  file_name: "String", # required
})

Response structure


resp.artifact_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to add the artifact to.

  • :artifact_content (required, String, StringIO, File)

    The binary content of the artifact to upload.

  • :artifact_type (required, String)

    The file type of the artifact. Valid values include TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, and YAML.

  • :file_name (required, String)

    The file name of the artifact.

Returns:

See Also:



517
518
519
520
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 517

def add_artifact(params = {}, options = {})
  req = build_request(:add_artifact, params)
  req.send_request(options)
end

#batch_delete_code_reviews(params = {}) ⇒ Types::BatchDeleteCodeReviewsOutput

Deletes one or more code reviews from an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_delete_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.deleted #=> Array
resp.deleted[0] #=> String
resp.failed #=> Array
resp.failed[0].code_review_id #=> String
resp.failed[0].reason #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_ids (required, Array<String>)

    The list of code review identifiers to delete.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code reviews to delete.

Returns:

See Also:



555
556
557
558
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 555

def batch_delete_code_reviews(params = {}, options = {})
  req = build_request(:batch_delete_code_reviews, params)
  req.send_request(options)
end

#batch_delete_pentests(params = {}) ⇒ Types::BatchDeletePentestsOutput

Deletes one or more pentests from an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_delete_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.deleted #=> Array
resp.deleted[0].pentest_id #=> String
resp.deleted[0].agent_space_id #=> String
resp.deleted[0].title #=> String
resp.deleted[0].assets.endpoints #=> Array
resp.deleted[0].assets.endpoints[0].uri #=> String
resp.deleted[0].assets.actors #=> Array
resp.deleted[0].assets.actors[0].identifier #=> String
resp.deleted[0].assets.actors[0].uris #=> Array
resp.deleted[0].assets.actors[0].uris[0] #=> String
resp.deleted[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.deleted[0].assets.actors[0].authentication.value #=> String
resp.deleted[0].assets.actors[0].description #=> String
resp.deleted[0].assets.documents #=> Array
resp.deleted[0].assets.documents[0].s3_location #=> String
resp.deleted[0].assets.documents[0].artifact_id #=> String
resp.deleted[0].assets.source_code #=> Array
resp.deleted[0].assets.source_code[0].s3_location #=> String
resp.deleted[0].assets.integrated_repositories #=> Array
resp.deleted[0].assets.integrated_repositories[0].integration_id #=> String
resp.deleted[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.deleted[0].exclude_risk_types #=> Array
resp.deleted[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.deleted[0].service_role #=> String
resp.deleted[0].log_config.log_group #=> String
resp.deleted[0].log_config.log_stream #=> String
resp.deleted[0].vpc_config.vpc_arn #=> String
resp.deleted[0].vpc_config.security_group_arns #=> Array
resp.deleted[0].vpc_config.security_group_arns[0] #=> String
resp.deleted[0].vpc_config.subnet_arns #=> Array
resp.deleted[0].vpc_config.subnet_arns[0] #=> String
resp.deleted[0].network_traffic_config.rules #=> Array
resp.deleted[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.deleted[0].network_traffic_config.rules[0].pattern #=> String
resp.deleted[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.deleted[0].network_traffic_config.custom_headers #=> Array
resp.deleted[0].network_traffic_config.custom_headers[0].name #=> String
resp.deleted[0].network_traffic_config.custom_headers[0].value #=> String
resp.deleted[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.deleted[0].created_at #=> Time
resp.deleted[0].updated_at #=> Time
resp.failed #=> Array
resp.failed[0].pentest_id #=> String
resp.failed[0].reason #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_ids (required, Array<String>)

    The list of pentest identifiers to delete.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentests to delete.

Returns:

See Also:



632
633
634
635
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 632

def batch_delete_pentests(params = {}, options = {})
  req = build_request(:batch_delete_pentests, params)
  req.send_request(options)
end

#batch_get_agent_spaces(params = {}) ⇒ Types::BatchGetAgentSpacesOutput

Retrieves information about one or more agent spaces.

Examples:

Request syntax with placeholder values


resp = client.batch_get_agent_spaces({
  agent_space_ids: ["AgentSpaceId"], # required
})

Response structure


resp.agent_spaces #=> Array
resp.agent_spaces[0].agent_space_id #=> String
resp.agent_spaces[0].name #=> String
resp.agent_spaces[0].description #=> String
resp.agent_spaces[0].aws_resources.vpcs #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].vpc_arn #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.agent_spaces[0].aws_resources.log_groups #=> Array
resp.agent_spaces[0].aws_resources.log_groups[0] #=> String
resp.agent_spaces[0].aws_resources.s3_buckets #=> Array
resp.agent_spaces[0].aws_resources.s3_buckets[0] #=> String
resp.agent_spaces[0].aws_resources.secret_arns #=> Array
resp.agent_spaces[0].aws_resources.secret_arns[0] #=> String
resp.agent_spaces[0].aws_resources.lambda_function_arns #=> Array
resp.agent_spaces[0].aws_resources.lambda_function_arns[0] #=> String
resp.agent_spaces[0].aws_resources.iam_roles #=> Array
resp.agent_spaces[0].aws_resources.iam_roles[0] #=> String
resp.agent_spaces[0].target_domain_ids #=> Array
resp.agent_spaces[0].target_domain_ids[0] #=> String
resp.agent_spaces[0].code_review_settings.controls_scanning #=> Boolean
resp.agent_spaces[0].code_review_settings.general_purpose_scanning #=> Boolean
resp.agent_spaces[0].kms_key_id #=> String
resp.agent_spaces[0].created_at #=> Time
resp.agent_spaces[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_ids (required, Array<String>)

    The list of agent space identifiers to retrieve.

Returns:

See Also:



689
690
691
692
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 689

def batch_get_agent_spaces(params = {}, options = {})
  req = build_request(:batch_get_agent_spaces, params)
  req.send_request(options)
end

#batch_get_artifact_metadata(params = {}) ⇒ Types::BatchGetArtifactMetadataOutput

Retrieves metadata for one or more artifacts in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_artifact_metadata({
  agent_space_id: "AgentSpaceId", # required
  artifact_ids: ["ArtifactId"], # required
})

Response structure


resp.artifact_metadata_list #=> Array
resp.artifact_metadata_list[0].agent_space_id #=> String
resp.artifact_metadata_list[0].artifact_id #=> String
resp.artifact_metadata_list[0].file_name #=> String
resp.artifact_metadata_list[0].updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the artifacts.

  • :artifact_ids (required, Array<String>)

    The list of artifact identifiers to retrieve metadata for.

Returns:

See Also:



725
726
727
728
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 725

def batch_get_artifact_metadata(params = {}, options = {})
  req = build_request(:batch_get_artifact_metadata, params)
  req.send_request(options)
end

#batch_get_code_review_job_tasks(params = {}) ⇒ Types::BatchGetCodeReviewJobTasksOutput

Retrieves information about one or more tasks within a code review job.

Examples:

Request syntax with placeholder values


resp = client.batch_get_code_review_job_tasks({
  agent_space_id: "String", # required
  code_review_job_task_ids: ["String"], # required
})

Response structure


resp.code_review_job_tasks #=> Array
resp.code_review_job_tasks[0].task_id #=> String
resp.code_review_job_tasks[0].code_review_id #=> String
resp.code_review_job_tasks[0].code_review_job_id #=> String
resp.code_review_job_tasks[0].agent_space_id #=> String
resp.code_review_job_tasks[0].title #=> String
resp.code_review_job_tasks[0].description #=> String
resp.code_review_job_tasks[0].categories #=> Array
resp.code_review_job_tasks[0].categories[0].name #=> String
resp.code_review_job_tasks[0].categories[0].is_primary #=> Boolean
resp.code_review_job_tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.code_review_job_tasks[0].created_at #=> Time
resp.code_review_job_tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the tasks.

  • :code_review_job_task_ids (required, Array<String>)

    The list of task identifiers to retrieve.

Returns:

See Also:



777
778
779
780
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 777

def batch_get_code_review_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_code_review_job_tasks, params)
  req.send_request(options)
end

#batch_get_code_review_jobs(params = {}) ⇒ Types::BatchGetCodeReviewJobsOutput

Retrieves information about one or more code review jobs in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_code_review_jobs({
  code_review_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.code_review_jobs #=> Array
resp.code_review_jobs[0].code_review_job_id #=> String
resp.code_review_jobs[0].code_review_id #=> String
resp.code_review_jobs[0].title #=> String
resp.code_review_jobs[0].overview #=> String
resp.code_review_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_jobs[0].documents #=> Array
resp.code_review_jobs[0].documents[0].s3_location #=> String
resp.code_review_jobs[0].documents[0].artifact_id #=> String
resp.code_review_jobs[0].source_code #=> Array
resp.code_review_jobs[0].source_code[0].s3_location #=> String
resp.code_review_jobs[0].steps #=> Array
resp.code_review_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
resp.code_review_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.code_review_jobs[0].steps[0].created_at #=> Time
resp.code_review_jobs[0].steps[0].updated_at #=> Time
resp.code_review_jobs[0].execution_context #=> Array
resp.code_review_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.code_review_jobs[0].execution_context[0].context #=> String
resp.code_review_jobs[0].execution_context[0].timestamp #=> Time
resp.code_review_jobs[0].service_role #=> String
resp.code_review_jobs[0].log_config.log_group #=> String
resp.code_review_jobs[0].log_config.log_stream #=> String
resp.code_review_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.code_review_jobs[0].error_information.message #=> String
resp.code_review_jobs[0].integrated_repositories #=> Array
resp.code_review_jobs[0].integrated_repositories[0].integration_id #=> String
resp.code_review_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.code_review_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_review_jobs[0].created_at #=> Time
resp.code_review_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_job_ids (required, Array<String>)

    The list of code review job identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code review jobs.

Returns:

See Also:



844
845
846
847
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 844

def batch_get_code_review_jobs(params = {}, options = {})
  req = build_request(:batch_get_code_review_jobs, params)
  req.send_request(options)
end

#batch_get_code_reviews(params = {}) ⇒ Types::BatchGetCodeReviewsOutput

Retrieves information about one or more code reviews in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.code_reviews #=> Array
resp.code_reviews[0].code_review_id #=> String
resp.code_reviews[0].agent_space_id #=> String
resp.code_reviews[0].title #=> String
resp.code_reviews[0].assets.endpoints #=> Array
resp.code_reviews[0].assets.endpoints[0].uri #=> String
resp.code_reviews[0].assets.actors #=> Array
resp.code_reviews[0].assets.actors[0].identifier #=> String
resp.code_reviews[0].assets.actors[0].uris #=> Array
resp.code_reviews[0].assets.actors[0].uris[0] #=> String
resp.code_reviews[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.code_reviews[0].assets.actors[0].authentication.value #=> String
resp.code_reviews[0].assets.actors[0].description #=> String
resp.code_reviews[0].assets.documents #=> Array
resp.code_reviews[0].assets.documents[0].s3_location #=> String
resp.code_reviews[0].assets.documents[0].artifact_id #=> String
resp.code_reviews[0].assets.source_code #=> Array
resp.code_reviews[0].assets.source_code[0].s3_location #=> String
resp.code_reviews[0].assets.integrated_repositories #=> Array
resp.code_reviews[0].assets.integrated_repositories[0].integration_id #=> String
resp.code_reviews[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.code_reviews[0].service_role #=> String
resp.code_reviews[0].log_config.log_group #=> String
resp.code_reviews[0].log_config.log_stream #=> String
resp.code_reviews[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_reviews[0].created_at #=> Time
resp.code_reviews[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_ids (required, Array<String>)

    The list of code review identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code reviews.

Returns:

See Also:



907
908
909
910
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 907

def batch_get_code_reviews(params = {}, options = {})
  req = build_request(:batch_get_code_reviews, params)
  req.send_request(options)
end

#batch_get_findings(params = {}) ⇒ Types::BatchGetFindingsOutput

Retrieves information about one or more security findings in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_findings({
  finding_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.findings #=> Array
resp.findings[0].finding_id #=> String
resp.findings[0].agent_space_id #=> String
resp.findings[0].pentest_id #=> String
resp.findings[0].pentest_job_id #=> String
resp.findings[0].code_review_id #=> String
resp.findings[0].code_review_job_id #=> String
resp.findings[0].task_id #=> String
resp.findings[0].name #=> String
resp.findings[0].description #=> String
resp.findings[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings[0].risk_type #=> String
resp.findings[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings[0].risk_score #=> String
resp.findings[0].reasoning #=> String
resp.findings[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings[0].attack_script #=> String
resp.findings[0].code_remediation_task.status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED"
resp.findings[0].code_remediation_task.status_reason #=> String
resp.findings[0].code_remediation_task.task_details #=> Array
resp.findings[0].code_remediation_task.task_details[0].repo_name #=> String
resp.findings[0].code_remediation_task.task_details[0].code_diff_link #=> String
resp.findings[0].code_remediation_task.task_details[0].pull_request_link #=> String
resp.findings[0].last_updated_by #=> String
resp.findings[0].code_locations #=> Array
resp.findings[0].code_locations[0].file_path #=> String
resp.findings[0].code_locations[0].line_start #=> Integer
resp.findings[0].code_locations[0].line_end #=> Integer
resp.findings[0].code_locations[0].label #=> String
resp.findings[0].created_at #=> Time
resp.findings[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_ids (required, Array<String>)

    The list of finding identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the findings.

Returns:

See Also:



973
974
975
976
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 973

def batch_get_findings(params = {}, options = {})
  req = build_request(:batch_get_findings, params)
  req.send_request(options)
end

#batch_get_pentest_job_tasks(params = {}) ⇒ Types::BatchGetPentestJobTasksOutput

Retrieves information about one or more tasks within a pentest job.

Examples:

Request syntax with placeholder values


resp = client.batch_get_pentest_job_tasks({
  agent_space_id: "String", # required
  task_ids: ["String"], # required
})

Response structure


resp.tasks #=> Array
resp.tasks[0].task_id #=> String
resp.tasks[0].pentest_id #=> String
resp.tasks[0].pentest_job_id #=> String
resp.tasks[0].agent_space_id #=> String
resp.tasks[0].title #=> String
resp.tasks[0].description #=> String
resp.tasks[0].categories #=> Array
resp.tasks[0].categories[0].name #=> String
resp.tasks[0].categories[0].is_primary #=> Boolean
resp.tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.tasks[0].target_endpoint.uri #=> String
resp.tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.tasks[0].created_at #=> Time
resp.tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the tasks.

  • :task_ids (required, Array<String>)

    The list of task identifiers to retrieve.

Returns:

See Also:



1025
1026
1027
1028
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1025

def batch_get_pentest_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_pentest_job_tasks, params)
  req.send_request(options)
end

#batch_get_pentest_jobs(params = {}) ⇒ Types::BatchGetPentestJobsOutput

Retrieves information about one or more pentest jobs in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_pentest_jobs({
  pentest_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.pentest_jobs #=> Array
resp.pentest_jobs[0].pentest_job_id #=> String
resp.pentest_jobs[0].pentest_id #=> String
resp.pentest_jobs[0].title #=> String
resp.pentest_jobs[0].overview #=> String
resp.pentest_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_jobs[0].endpoints #=> Array
resp.pentest_jobs[0].endpoints[0].uri #=> String
resp.pentest_jobs[0].actors #=> Array
resp.pentest_jobs[0].actors[0].identifier #=> String
resp.pentest_jobs[0].actors[0].uris #=> Array
resp.pentest_jobs[0].actors[0].uris[0] #=> String
resp.pentest_jobs[0].actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentest_jobs[0].actors[0].authentication.value #=> String
resp.pentest_jobs[0].actors[0].description #=> String
resp.pentest_jobs[0].documents #=> Array
resp.pentest_jobs[0].documents[0].s3_location #=> String
resp.pentest_jobs[0].documents[0].artifact_id #=> String
resp.pentest_jobs[0].source_code #=> Array
resp.pentest_jobs[0].source_code[0].s3_location #=> String
resp.pentest_jobs[0].exclude_paths #=> Array
resp.pentest_jobs[0].exclude_paths[0].uri #=> String
resp.pentest_jobs[0].allowed_domains #=> Array
resp.pentest_jobs[0].allowed_domains[0].uri #=> String
resp.pentest_jobs[0].exclude_risk_types #=> Array
resp.pentest_jobs[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentest_jobs[0].steps #=> Array
resp.pentest_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
resp.pentest_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.pentest_jobs[0].steps[0].created_at #=> Time
resp.pentest_jobs[0].steps[0].updated_at #=> Time
resp.pentest_jobs[0].execution_context #=> Array
resp.pentest_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.pentest_jobs[0].execution_context[0].context #=> String
resp.pentest_jobs[0].execution_context[0].timestamp #=> Time
resp.pentest_jobs[0].service_role #=> String
resp.pentest_jobs[0].log_config.log_group #=> String
resp.pentest_jobs[0].log_config.log_stream #=> String
resp.pentest_jobs[0].vpc_config.vpc_arn #=> String
resp.pentest_jobs[0].vpc_config.security_group_arns #=> Array
resp.pentest_jobs[0].vpc_config.security_group_arns[0] #=> String
resp.pentest_jobs[0].vpc_config.subnet_arns #=> Array
resp.pentest_jobs[0].vpc_config.subnet_arns[0] #=> String
resp.pentest_jobs[0].network_traffic_config.rules #=> Array
resp.pentest_jobs[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentest_jobs[0].network_traffic_config.rules[0].pattern #=> String
resp.pentest_jobs[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentest_jobs[0].network_traffic_config.custom_headers #=> Array
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentest_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.pentest_jobs[0].error_information.message #=> String
resp.pentest_jobs[0].integrated_repositories #=> Array
resp.pentest_jobs[0].integrated_repositories[0].integration_id #=> String
resp.pentest_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.pentest_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentest_jobs[0].created_at #=> Time
resp.pentest_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_job_ids (required, Array<String>)

    The list of pentest job identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentest jobs.

Returns:

See Also:



1119
1120
1121
1122
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1119

def batch_get_pentest_jobs(params = {}, options = {})
  req = build_request(:batch_get_pentest_jobs, params)
  req.send_request(options)
end

#batch_get_pentests(params = {}) ⇒ Types::BatchGetPentestsOutput

Retrieves information about one or more pentests in an agent space.

Examples:

Request syntax with placeholder values


resp = client.batch_get_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure


resp.pentests #=> Array
resp.pentests[0].pentest_id #=> String
resp.pentests[0].agent_space_id #=> String
resp.pentests[0].title #=> String
resp.pentests[0].assets.endpoints #=> Array
resp.pentests[0].assets.endpoints[0].uri #=> String
resp.pentests[0].assets.actors #=> Array
resp.pentests[0].assets.actors[0].identifier #=> String
resp.pentests[0].assets.actors[0].uris #=> Array
resp.pentests[0].assets.actors[0].uris[0] #=> String
resp.pentests[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentests[0].assets.actors[0].authentication.value #=> String
resp.pentests[0].assets.actors[0].description #=> String
resp.pentests[0].assets.documents #=> Array
resp.pentests[0].assets.documents[0].s3_location #=> String
resp.pentests[0].assets.documents[0].artifact_id #=> String
resp.pentests[0].assets.source_code #=> Array
resp.pentests[0].assets.source_code[0].s3_location #=> String
resp.pentests[0].assets.integrated_repositories #=> Array
resp.pentests[0].assets.integrated_repositories[0].integration_id #=> String
resp.pentests[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.pentests[0].exclude_risk_types #=> Array
resp.pentests[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentests[0].service_role #=> String
resp.pentests[0].log_config.log_group #=> String
resp.pentests[0].log_config.log_stream #=> String
resp.pentests[0].vpc_config.vpc_arn #=> String
resp.pentests[0].vpc_config.security_group_arns #=> Array
resp.pentests[0].vpc_config.security_group_arns[0] #=> String
resp.pentests[0].vpc_config.subnet_arns #=> Array
resp.pentests[0].vpc_config.subnet_arns[0] #=> String
resp.pentests[0].network_traffic_config.rules #=> Array
resp.pentests[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentests[0].network_traffic_config.rules[0].pattern #=> String
resp.pentests[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentests[0].network_traffic_config.custom_headers #=> Array
resp.pentests[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentests[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentests[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentests[0].created_at #=> Time
resp.pentests[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_ids (required, Array<String>)

    The list of pentest identifiers to retrieve.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentests.

Returns:

See Also:



1194
1195
1196
1197
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1194

def batch_get_pentests(params = {}, options = {})
  req = build_request(:batch_get_pentests, params)
  req.send_request(options)
end

#batch_get_target_domains(params = {}) ⇒ Types::BatchGetTargetDomainsOutput

Retrieves information about one or more target domains.

Examples:

Request syntax with placeholder values


resp = client.batch_get_target_domains({
  target_domain_ids: ["String"], # required
})

Response structure


resp.target_domains #=> Array
resp.target_domains[0].target_domain_id #=> String
resp.target_domains[0].domain_name #=> String
resp.target_domains[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.target_domains[0].verification_status_reason #=> String
resp.target_domains[0].verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.target_domains[0].verification_details.dns_txt.token #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_name #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.target_domains[0].verification_details.http_route.token #=> String
resp.target_domains[0].verification_details.http_route.route_path #=> String
resp.target_domains[0].created_at #=> Time
resp.target_domains[0].verified_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_ids (required, Array<String>)

    The list of target domain identifiers to retrieve.

Returns:

See Also:



1237
1238
1239
1240
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1237

def batch_get_target_domains(params = {}, options = {})
  req = build_request(:batch_get_target_domains, params)
  req.send_request(options)
end

#create_agent_space(params = {}) ⇒ Types::CreateAgentSpaceOutput

Creates a new agent space. An agent space is a dedicated workspace for securing a specific application.

Examples:

Request syntax with placeholder values


resp = client.create_agent_space({
  name: "AgentName", # required
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.kms_key_id #=> String
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :name (required, String)

    The name of the agent space.

  • :description (String)

    A description of the agent space.

  • :aws_resources (Types::AWSResources)

    The AWS resources to associate with the agent space.

  • :target_domain_ids (Array<String>)

    The list of target domain identifiers to associate with the agent space.

  • :code_review_settings (Types::CodeReviewSettings)

    The code review settings for the agent space.

  • :kms_key_id (String)

    The identifier of the AWS KMS key to use for encrypting data in the agent space.

  • :tags (Hash<String,String>)

    The tags to associate with the agent space.

Returns:

See Also:



1343
1344
1345
1346
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1343

def create_agent_space(params = {}, options = {})
  req = build_request(:create_agent_space, params)
  req.send_request(options)
end

#create_application(params = {}) ⇒ Types::CreateApplicationResponse

Creates a new application. An application is the top-level organizational unit that supports IAM Identity Center integration.

Examples:

Request syntax with placeholder values


resp = client.create_application({
  idc_instance_arn: "IdCInstanceArn",
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.application_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :idc_instance_arn (String)

    The Amazon Resource Name (ARN) of the IAM Identity Center instance to associate with the application.

  • :role_arn (String)

    The Amazon Resource Name (ARN) of the IAM role to associate with the application.

  • :default_kms_key_id (String)

    The identifier of the default AWS KMS key to use for encrypting data in the application.

  • :tags (Hash<String,String>)

    The tags to associate with the application.

Returns:

See Also:



1389
1390
1391
1392
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1389

def create_application(params = {}, options = {})
  req = build_request(:create_application, params)
  req.send_request(options)
end

#create_code_review(params = {}) ⇒ Types::CreateCodeReviewOutput

Creates a new code review configuration in an agent space. A code review defines the parameters for automated security-focused code analysis.

Examples:

Request syntax with placeholder values


resp = client.create_code_review({
  title: "String", # required
  agent_space_id: "String", # required
  assets: { # required
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :title (required, String)

    The title of the code review.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to create the code review in.

  • :assets (required, Types::Assets)

    The assets to include in the code review, such as documents and source code.

  • :service_role (String)

    The IAM service role to use for the code review.

  • :log_config (Types::CloudWatchLog)

    The CloudWatch Logs configuration for the code review.

  • :code_remediation_strategy (String)

    The code remediation strategy for the code review. Valid values are AUTOMATIC and DISABLED.

Returns:

See Also:



1511
1512
1513
1514
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1511

def create_code_review(params = {}, options = {})
  req = build_request(:create_code_review, params)
  req.send_request(options)
end

#create_integration(params = {}) ⇒ Types::CreateIntegrationOutput

Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.

Examples:

Request syntax with placeholder values


resp = client.create_integration({
  provider: "GITHUB", # required, accepts GITHUB
  input: { # required
    github: {
      code: "AuthCode", # required
      state: "CsrfState", # required
      organization_name: "String",
    },
  },
  integration_display_name: "String", # required
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.integration_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :provider (required, String)

    The integration provider. Currently, only GITHUB is supported.

  • :input (required, Types::ProviderInput)

    The provider-specific input required to create the integration.

  • :integration_display_name (required, String)

    The display name for the integration.

  • :kms_key_id (String)

    The identifier of the AWS KMS key to use for encrypting data associated with the integration.

  • :tags (Hash<String,String>)

    The tags to associate with the integration.

Returns:

See Also:



1565
1566
1567
1568
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1565

def create_integration(params = {}, options = {})
  req = build_request(:create_integration, params)
  req.send_request(options)
end

#create_membership(params = {}) ⇒ Struct

Creates a new membership, granting a user access to an agent space within an application.

Examples:

Request syntax with placeholder values


resp = client.create_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # required, accepts USER
  config: {
    user: {
      role: "MEMBER", # accepts MEMBER
    },
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application that contains the agent space.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to grant access to.

  • :membership_id (required, String)

    The unique identifier for the membership.

  • :member_type (required, String)

    The type of member. Currently, only USER is supported.

  • :config (Types::MembershipConfig)

    The configuration for the membership, such as the user role.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1609
1610
1611
1612
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1609

def create_membership(params = {}, options = {})
  req = build_request(:create_membership, params)
  req.send_request(options)
end

#create_pentest(params = {}) ⇒ Types::CreatePentestOutput

Creates a new pentest configuration in an agent space. A pentest defines the security test parameters, including target assets, risk type exclusions, and logging configuration.

Examples:

Request syntax with placeholder values


resp = client.create_pentest({
  title: "String", # required
  agent_space_id: "String", # required
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :title (required, String)

    The title of the pentest.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to create the pentest in.

  • :assets (Types::Assets)

    The assets to include in the pentest, such as endpoints, actors, documents, and source code.

  • :exclude_risk_types (Array<String>)

    The list of risk types to exclude from the pentest.

  • :service_role (String)

    The IAM service role to use for the pentest.

  • :log_config (Types::CloudWatchLog)

    The CloudWatch Logs configuration for the pentest.

  • :vpc_config (Types::VpcConfig)

    The VPC configuration for the pentest.

  • :network_traffic_config (Types::NetworkTrafficConfig)

    The network traffic configuration for the pentest, including custom headers and traffic rules.

  • :code_remediation_strategy (String)

    The code remediation strategy for the pentest. Valid values are AUTOMATIC and DISABLED.

Returns:

See Also:



1763
1764
1765
1766
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1763

def create_pentest(params = {}, options = {})
  req = build_request(:create_pentest, params)
  req.send_request(options)
end

#create_target_domain(params = {}) ⇒ Types::CreateTargetDomainOutput

Creates a new target domain for penetration testing. A target domain is a web domain that must be registered and verified before it can be tested.

Examples:

Request syntax with placeholder values


resp = client.create_target_domain({
  target_domain_name: "String", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure


resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_name (required, String)

    The domain name to register as a target domain.

  • :verification_method (required, String)

    The method to use for verifying domain ownership. Valid values are DNS_TXT, HTTP_ROUTE, and PRIVATE_VPC.

  • :tags (Hash<String,String>)

    The tags to associate with the target domain.

Returns:

See Also:



1821
1822
1823
1824
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1821

def create_target_domain(params = {}, options = {})
  req = build_request(:create_target_domain, params)
  req.send_request(options)
end

#delete_agent_space(params = {}) ⇒ Types::DeleteAgentSpaceOutput

Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.

Examples:

Request syntax with placeholder values


resp = client.delete_agent_space({
  agent_space_id: "AgentSpaceId", # required
})

Response structure


resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to delete.

Returns:

See Also:



1850
1851
1852
1853
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1850

def delete_agent_space(params = {}, options = {})
  req = build_request(:delete_agent_space, params)
  req.send_request(options)
end

#delete_application(params = {}) ⇒ Struct

Deletes an application and its associated configuration, including IAM Identity Center settings.

Examples:

Request syntax with placeholder values


resp = client.delete_application({
  application_id: "ApplicationId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application to delete.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1873
1874
1875
1876
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1873

def delete_application(params = {}, options = {})
  req = build_request(:delete_application, params)
  req.send_request(options)
end

#delete_artifact(params = {}) ⇒ Struct

Deletes an artifact from an agent space.

Examples:

Request syntax with placeholder values


resp = client.delete_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the artifact.

  • :artifact_id (required, String)

    The unique identifier of the artifact to delete.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1899
1900
1901
1902
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1899

def delete_artifact(params = {}, options = {})
  req = build_request(:delete_artifact, params)
  req.send_request(options)
end

#delete_integration(params = {}) ⇒ Struct

Deletes an integration with a third-party provider.

Examples:

Request syntax with placeholder values


resp = client.delete_integration({
  integration_id: "IntegrationId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :integration_id (required, String)

    The unique identifier of the integration to delete.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1921
1922
1923
1924
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1921

def delete_integration(params = {}, options = {})
  req = build_request(:delete_integration, params)
  req.send_request(options)
end

#delete_membership(params = {}) ⇒ Struct

Deletes a membership, revoking a user's access to an agent space.

Examples:

Request syntax with placeholder values


resp = client.delete_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # accepts USER
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application that contains the agent space.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to revoke access from.

  • :membership_id (required, String)

    The unique identifier of the membership to delete.

  • :member_type (String)

    The type of member to remove.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1956
1957
1958
1959
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1956

def delete_membership(params = {}, options = {})
  req = build_request(:delete_membership, params)
  req.send_request(options)
end

#delete_target_domain(params = {}) ⇒ Types::DeleteTargetDomainOutput

Deletes a target domain registration. After deletion, the domain can no longer be used for penetration testing.

Examples:

Request syntax with placeholder values


resp = client.delete_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure


resp.target_domain_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_id (required, String)

    The unique identifier of the target domain to delete.

Returns:

See Also:



1985
1986
1987
1988
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1985

def delete_target_domain(params = {}, options = {})
  req = build_request(:delete_target_domain, params)
  req.send_request(options)
end

#get_application(params = {}) ⇒ Types::GetApplicationResponse

Retrieves information about an application.

Examples:

Request syntax with placeholder values


resp = client.get_application({
  application_id: "ApplicationId", # required
})

Response structure


resp.application_id #=> String
resp.domain #=> String
resp.application_name #=> String
resp.idc_configuration.idc_application_arn #=> String
resp.idc_configuration.idc_instance_arn #=> String
resp.role_arn #=> String
resp.default_kms_key_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application to retrieve.

Returns:

See Also:



2024
2025
2026
2027
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2024

def get_application(params = {}, options = {})
  req = build_request(:get_application, params)
  req.send_request(options)
end

#get_artifact(params = {}) ⇒ Types::GetArtifactOutput

Retrieves an artifact from an agent space.

Examples:

Request syntax with placeholder values


resp = client.get_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Response structure


resp.agent_space_id #=> String
resp.artifact_id #=> String
resp.artifact.contents #=> String
resp.artifact.type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.file_name #=> String
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the artifact.

  • :artifact_id (required, String)

    The unique identifier of the artifact to retrieve.

Returns:

See Also:



2065
2066
2067
2068
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2065

def get_artifact(params = {}, options = {})
  req = build_request(:get_artifact, params)
  req.send_request(options)
end

#get_integration(params = {}) ⇒ Types::GetIntegrationOutput

Retrieves information about an integration.

Examples:

Request syntax with placeholder values


resp = client.get_integration({
  integration_id: "IntegrationId", # required
})

Response structure


resp.integration_id #=> String
resp.installation_id #=> String
resp.provider #=> String, one of "GITHUB"
resp.provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.display_name #=> String
resp.kms_key_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :integration_id (required, String)

    The unique identifier of the integration to retrieve.

Returns:

See Also:



2103
2104
2105
2106
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2103

def get_integration(params = {}, options = {})
  req = build_request(:get_integration, params)
  req.send_request(options)
end

#initiate_provider_registration(params = {}) ⇒ Types::InitiateProviderRegistrationOutput

Initiates the OAuth registration flow with a third-party provider. Returns a redirect URL and CSRF state token for completing the authorization.

Examples:

Request syntax with placeholder values


resp = client.initiate_provider_registration({
  provider: "GITHUB", # required, accepts GITHUB
})

Response structure


resp.redirect_to #=> String
resp.csrf_state #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :provider (required, String)

    The provider to initiate registration with. Currently, only GITHUB is supported.

Returns:

See Also:



2136
2137
2138
2139
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2136

def initiate_provider_registration(params = {}, options = {})
  req = build_request(:initiate_provider_registration, params)
  req.send_request(options)
end

#list_agent_spaces(params = {}) ⇒ Types::ListAgentSpacesOutput

Returns a paginated list of agent space summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_agent_spaces({
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.agent_space_summaries #=> Array
resp.agent_space_summaries[0].agent_space_id #=> String
resp.agent_space_summaries[0].name #=> String
resp.agent_space_summaries[0].created_at #=> Time
resp.agent_space_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2179
2180
2181
2182
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2179

def list_agent_spaces(params = {}, options = {})
  req = build_request(:list_agent_spaces, params)
  req.send_request(options)
end

#list_applications(params = {}) ⇒ Types::ListApplicationsResponse

Returns a paginated list of application summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_applications({
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.application_summaries #=> Array
resp.application_summaries[0].application_id #=> String
resp.application_summaries[0].application_name #=> String
resp.application_summaries[0].domain #=> String
resp.application_summaries[0].default_kms_key_id #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2222
2223
2224
2225
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2222

def list_applications(params = {}, options = {})
  req = build_request(:list_applications, params)
  req.send_request(options)
end

#list_artifacts(params = {}) ⇒ Types::ListArtifactsOutput

Returns a paginated list of artifact summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_artifacts({
  agent_space_id: "AgentSpaceId", # required
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.artifact_summaries #=> Array
resp.artifact_summaries[0].artifact_id #=> String
resp.artifact_summaries[0].file_name #=> String
resp.artifact_summaries[0].artifact_type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list artifacts for.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2269
2270
2271
2272
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2269

def list_artifacts(params = {}, options = {})
  req = build_request(:list_artifacts, params)
  req.send_request(options)
end

#list_code_review_job_tasks(params = {}) ⇒ Types::ListCodeReviewJobTasksOutput

Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_code_review_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  code_review_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
  category_name: "String",
  next_token: "NextToken",
})

Response structure


resp.code_review_job_task_summaries #=> Array
resp.code_review_job_task_summaries[0].task_id #=> String
resp.code_review_job_task_summaries[0].code_review_id #=> String
resp.code_review_job_task_summaries[0].code_review_job_id #=> String
resp.code_review_job_task_summaries[0].agent_space_id #=> String
resp.code_review_job_task_summaries[0].title #=> String
resp.code_review_job_task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_task_summaries[0].created_at #=> Time
resp.code_review_job_task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :code_review_job_id (String)

    The unique identifier of the code review job to list tasks for.

  • :step_name (String)

    Filter tasks by step name.

  • :category_name (String)

    Filter tasks by category name.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2334
2335
2336
2337
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2334

def list_code_review_job_tasks(params = {}, options = {})
  req = build_request(:list_code_review_job_tasks, params)
  req.send_request(options)
end

#list_code_review_jobs_for_code_review(params = {}) ⇒ Types::ListCodeReviewJobsForCodeReviewOutput

Returns a paginated list of code review job summaries for the specified code review configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_code_review_jobs_for_code_review({
  max_results: 1,
  code_review_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure


resp.code_review_job_summaries #=> Array
resp.code_review_job_summaries[0].code_review_job_id #=> String
resp.code_review_job_summaries[0].code_review_id #=> String
resp.code_review_job_summaries[0].title #=> String
resp.code_review_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_job_summaries[0].created_at #=> Time
resp.code_review_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :code_review_id (required, String)

    The unique identifier of the code review to list jobs for.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2388
2389
2390
2391
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2388

def list_code_review_jobs_for_code_review(params = {}, options = {})
  req = build_request(:list_code_review_jobs_for_code_review, params)
  req.send_request(options)
end

#list_code_reviews(params = {}) ⇒ Types::ListCodeReviewsOutput

Returns a paginated list of code review summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_code_reviews({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure


resp.code_review_summaries #=> Array
resp.code_review_summaries[0].code_review_id #=> String
resp.code_review_summaries[0].agent_space_id #=> String
resp.code_review_summaries[0].title #=> String
resp.code_review_summaries[0].created_at #=> Time
resp.code_review_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list code reviews for.

Returns:

See Also:



2437
2438
2439
2440
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2437

def list_code_reviews(params = {}, options = {})
  req = build_request(:list_code_reviews, params)
  req.send_request(options)
end

#list_discovered_endpoints(params = {}) ⇒ Types::ListDiscoveredEndpointsOutput

Returns a paginated list of endpoints discovered during a pentest job execution.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_discovered_endpoints({
  max_results: 1,
  pentest_job_id: "String", # required
  agent_space_id: "String", # required
  prefix: "String",
  next_token: "NextToken",
})

Response structure


resp.discovered_endpoints #=> Array
resp.discovered_endpoints[0].uri #=> String
resp.discovered_endpoints[0].pentest_job_id #=> String
resp.discovered_endpoints[0].task_id #=> String
resp.discovered_endpoints[0].agent_space_id #=> String
resp.discovered_endpoints[0].evidence #=> String
resp.discovered_endpoints[0].operation #=> String
resp.discovered_endpoints[0].description #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_job_id (required, String)

    The unique identifier of the pentest job to list discovered endpoints for.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :prefix (String)

    A prefix to filter discovered endpoints by URI.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2497
2498
2499
2500
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2497

def list_discovered_endpoints(params = {}, options = {})
  req = build_request(:list_discovered_endpoints, params)
  req.send_request(options)
end

#list_findings(params = {}) ⇒ Types::ListFindingsOutput

Lists the security findings for a pentest job.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_findings({
  max_results: 1,
  pentest_job_id: "String",
  code_review_job_id: "String",
  agent_space_id: "String", # required
  next_token: "NextToken",
  risk_type: "String",
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
  confidence: "FALSE_POSITIVE", # accepts FALSE_POSITIVE, UNCONFIRMED, LOW, MEDIUM, HIGH
  name: "String",
})

Response structure


resp.findings_summaries #=> Array
resp.findings_summaries[0].finding_id #=> String
resp.findings_summaries[0].agent_space_id #=> String
resp.findings_summaries[0].pentest_id #=> String
resp.findings_summaries[0].pentest_job_id #=> String
resp.findings_summaries[0].code_review_id #=> String
resp.findings_summaries[0].code_review_job_id #=> String
resp.findings_summaries[0].name #=> String
resp.findings_summaries[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings_summaries[0].risk_type #=> String
resp.findings_summaries[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings_summaries[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings_summaries[0].created_at #=> Time
resp.findings_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_job_id (String)

    The unique identifier of the pentest job to list findings for.

  • :code_review_job_id (String)

    The unique identifier of the code review job to list findings for. Mutually exclusive with pentestJobId.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :risk_type (String)

    Filter findings by risk type.

  • :risk_level (String)

    Filter findings by risk level.

  • :status (String)

    Filter findings by status.

  • :confidence (String)

    Filter findings by confidence level.

  • :name (String)

    Filter findings by name.

Returns:

See Also:



2582
2583
2584
2585
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2582

def list_findings(params = {}, options = {})
  req = build_request(:list_findings, params)
  req.send_request(options)
end

#list_integrated_resources(params = {}) ⇒ Types::ListIntegratedResourcesOutput

Lists the integrated resources for an agent space, optionally filtered by integration or resource type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId",
  resource_type: "CODE_REPOSITORY", # accepts CODE_REPOSITORY
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.integrated_resource_summaries #=> Array
resp.integrated_resource_summaries[0].integration_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.name #=> String
resp.integrated_resource_summaries[0].resource.github_repository.provider_resource_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.owner #=> String
resp.integrated_resource_summaries[0].resource.github_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
resp.integrated_resource_summaries[0].capabilities.github.leave_comments #=> Boolean
resp.integrated_resource_summaries[0].capabilities.github.remediate_code #=> Boolean
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list integrated resources for.

  • :integration_id (String)

    The unique identifier of the integration to filter by.

  • :resource_type (String)

    The type of resource to filter by.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2642
2643
2644
2645
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2642

def list_integrated_resources(params = {}, options = {})
  req = build_request(:list_integrated_resources, params)
  req.send_request(options)
end

#list_integrations(params = {}) ⇒ Types::ListIntegrationsOutput

Lists the integrations in your account, optionally filtered by provider or provider type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_integrations({
  filter: {
    provider: "GITHUB", # accepts GITHUB
    provider_type: "SOURCE_CODE", # accepts SOURCE_CODE, DOCUMENTATION
  },
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.integration_summaries #=> Array
resp.integration_summaries[0].integration_id #=> String
resp.integration_summaries[0].installation_id #=> String
resp.integration_summaries[0].provider #=> String, one of "GITHUB"
resp.integration_summaries[0].provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.integration_summaries[0].display_name #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :filter (Types::IntegrationFilter)

    A filter to apply to the list of integrations.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2694
2695
2696
2697
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2694

def list_integrations(params = {}, options = {})
  req = build_request(:list_integrations, params)
  req.send_request(options)
end

#list_memberships(params = {}) ⇒ Types::ListMembershipsResponse

Returns a paginated list of membership summaries for the specified agent space within an application.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_memberships({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  member_type: "USER", # accepts USER, ALL
  max_results: 1,
  next_token: "NextToken",
})

Response structure


resp.membership_summaries #=> Array
resp.membership_summaries[0].membership_id #=> String
resp.membership_summaries[0].application_id #=> String
resp.membership_summaries[0].agent_space_id #=> String
resp.membership_summaries[0].member_type #=> String, one of "USER"
resp.membership_summaries[0].config.user.role #=> String, one of "MEMBER"
resp.membership_summaries[0].metadata.user.username #=> String
resp.membership_summaries[0].metadata.user.email #=> String
resp.membership_summaries[0].created_at #=> Time
resp.membership_summaries[0].updated_at #=> Time
resp.membership_summaries[0].created_by #=> String
resp.membership_summaries[0].updated_by #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application that contains the agent space.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list memberships for.

  • :member_type (String)

    Filter memberships by member type.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2758
2759
2760
2761
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2758

def list_memberships(params = {}, options = {})
  req = build_request(:list_memberships, params)
  req.send_request(options)
end

#list_pentest_job_tasks(params = {}) ⇒ Types::ListPentestJobTasksOutput

Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_pentest_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  pentest_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
  category_name: "String",
  next_token: "NextToken",
})

Response structure


resp.task_summaries #=> Array
resp.task_summaries[0].task_id #=> String
resp.task_summaries[0].pentest_id #=> String
resp.task_summaries[0].pentest_job_id #=> String
resp.task_summaries[0].agent_space_id #=> String
resp.task_summaries[0].title #=> String
resp.task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.task_summaries[0].created_at #=> Time
resp.task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_job_id (String)

    The unique identifier of the pentest job to list tasks for.

  • :step_name (String)

    Filter tasks by step name. Valid values include PREFLIGHT, STATIC_ANALYSIS, PENTEST, and FINALIZING.

  • :category_name (String)

    Filter tasks by category name.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2824
2825
2826
2827
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2824

def list_pentest_job_tasks(params = {}, options = {})
  req = build_request(:list_pentest_job_tasks, params)
  req.send_request(options)
end

#list_pentest_jobs_for_pentest(params = {}) ⇒ Types::ListPentestJobsForPentestOutput

Returns a paginated list of pentest job summaries for the specified pentest configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_pentest_jobs_for_pentest({
  max_results: 1,
  pentest_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure


resp.pentest_job_summaries #=> Array
resp.pentest_job_summaries[0].pentest_job_id #=> String
resp.pentest_job_summaries[0].pentest_id #=> String
resp.pentest_job_summaries[0].title #=> String
resp.pentest_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_job_summaries[0].created_at #=> Time
resp.pentest_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :pentest_id (required, String)

    The unique identifier of the pentest to list jobs for.

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

See Also:



2878
2879
2880
2881
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2878

def list_pentest_jobs_for_pentest(params = {}, options = {})
  req = build_request(:list_pentest_jobs_for_pentest, params)
  req.send_request(options)
end

#list_pentests(params = {}) ⇒ Types::ListPentestsOutput

Returns a paginated list of pentest summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_pentests({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure


resp.pentest_summaries #=> Array
resp.pentest_summaries[0].pentest_id #=> String
resp.pentest_summaries[0].agent_space_id #=> String
resp.pentest_summaries[0].title #=> String
resp.pentest_summaries[0].created_at #=> Time
resp.pentest_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    The maximum number of results to return in a single call.

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :agent_space_id (required, String)

    The unique identifier of the agent space to list pentests for.

Returns:

See Also:



2927
2928
2929
2930
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2927

def list_pentests(params = {}, options = {})
  req = build_request(:list_pentests, params)
  req.send_request(options)
end

#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceOutput

Returns the tags associated with the specified resource.

Examples:

Request syntax with placeholder values


resp = client.list_tags_for_resource({
  resource_arn: "ResourceArn", # required
})

Response structure


resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the resource to list tags for.

Returns:

See Also:



2956
2957
2958
2959
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2956

def list_tags_for_resource(params = {}, options = {})
  req = build_request(:list_tags_for_resource, params)
  req.send_request(options)
end

#list_target_domains(params = {}) ⇒ Types::ListTargetDomainsOutput

Returns a paginated list of target domain summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values


resp = client.list_target_domains({
  next_token: "NextToken",
  max_results: 1,
})

Response structure


resp.target_domain_summaries #=> Array
resp.target_domain_summaries[0].target_domain_id #=> String
resp.target_domain_summaries[0].domain_name #=> String
resp.target_domain_summaries[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

  • :max_results (Integer)

    The maximum number of results to return in a single call.

Returns:

See Also:



2998
2999
3000
3001
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2998

def list_target_domains(params = {}, options = {})
  req = build_request(:list_target_domains, params)
  req.send_request(options)
end

#start_code_remediation(params = {}) ⇒ Struct

Initiates code remediation for one or more security findings. This creates pull requests in integrated repositories to fix the identified vulnerabilities.

Examples:

Request syntax with placeholder values


resp = client.start_code_remediation({
  agent_space_id: "String", # required
  pentest_job_id: "String",
  code_review_job_id: "String",
  finding_ids: ["String"], # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :pentest_job_id (String)

    The unique identifier of the pentest job that produced the findings. Mutually exclusive with codeReviewJobId.

  • :code_review_job_id (String)

    The unique identifier of the code review job that produced the findings. Mutually exclusive with pentestJobId.

  • :finding_ids (required, Array<String>)

    The list of finding identifiers to initiate code remediation for.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3036
3037
3038
3039
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3036

def start_code_remediation(params = {}, options = {})
  req = build_request(:start_code_remediation, params)
  req.send_request(options)
end

#start_code_review_job(params = {}) ⇒ Types::StartCodeReviewJobOutput

Starts a new code review job for a code review configuration. The job executes the security-focused code analysis defined in the code review.

Examples:

Request syntax with placeholder values


resp = client.start_code_review_job({
  agent_space_id: "String", # required
  code_review_id: "String", # required
})

Response structure


resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.code_review_id #=> String
resp.code_review_job_id #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :code_review_id (required, String)

    The unique identifier of the code review to start a job for.

Returns:

See Also:



3082
3083
3084
3085
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3082

def start_code_review_job(params = {}, options = {})
  req = build_request(:start_code_review_job, params)
  req.send_request(options)
end

#start_pentest_job(params = {}) ⇒ Types::StartPentestJobOutput

Starts a new pentest job for a pentest configuration. The job executes the security tests defined in the pentest.

Examples:

Request syntax with placeholder values


resp = client.start_pentest_job({
  agent_space_id: "String", # required
  pentest_id: "String", # required
})

Response structure


resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.pentest_id #=> String
resp.pentest_job_id #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :pentest_id (required, String)

    The unique identifier of the pentest to start a job for.

Returns:

See Also:



3127
3128
3129
3130
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3127

def start_pentest_job(params = {}, options = {})
  req = build_request(:start_pentest_job, params)
  req.send_request(options)
end

#stop_code_review_job(params = {}) ⇒ Struct

Stops a running code review job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values


resp = client.stop_code_review_job({
  agent_space_id: "String", # required
  code_review_job_id: "String", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :code_review_job_id (required, String)

    The unique identifier of the code review job to stop.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3154
3155
3156
3157
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3154

def stop_code_review_job(params = {}, options = {})
  req = build_request(:stop_code_review_job, params)
  req.send_request(options)
end

#stop_pentest_job(params = {}) ⇒ Struct

Stops a running pentest job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values


resp = client.stop_pentest_job({
  agent_space_id: "String", # required
  pentest_job_id: "String", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :pentest_job_id (required, String)

    The unique identifier of the pentest job to stop.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3181
3182
3183
3184
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3181

def stop_pentest_job(params = {}, options = {})
  req = build_request(:stop_pentest_job, params)
  req.send_request(options)
end

#tag_resource(params = {}) ⇒ Struct

Adds tags to a resource.

Examples:

Request syntax with placeholder values


resp = client.tag_resource({
  resource_arn: "ResourceArn", # required
  tags: { # required
    "TagKey" => "TagValue",
  },
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the resource to tag.

  • :tags (required, Hash<String,String>)

    The tags to add to the resource.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3209
3210
3211
3212
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3209

def tag_resource(params = {}, options = {})
  req = build_request(:tag_resource, params)
  req.send_request(options)
end

#untag_resource(params = {}) ⇒ Struct

Removes tags from a resource.

Examples:

Request syntax with placeholder values


resp = client.untag_resource({
  resource_arn: "ResourceArn", # required
  tag_keys: ["TagKey"], # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :resource_arn (required, String)

    The Amazon Resource Name (ARN) of the resource to remove tags from.

  • :tag_keys (required, Array<String>)

    The list of tag keys to remove from the resource.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3235
3236
3237
3238
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3235

def untag_resource(params = {}, options = {})
  req = build_request(:untag_resource, params)
  req.send_request(options)
end

#update_agent_space(params = {}) ⇒ Types::UpdateAgentSpaceOutput

Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.

Examples:

Request syntax with placeholder values


resp = client.update_agent_space({
  agent_space_id: "AgentSpaceId", # required
  name: "AgentName",
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
})

Response structure


resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space to update.

  • :name (String)

    The updated name of the agent space.

  • :description (String)

    The updated description of the agent space.

  • :aws_resources (Types::AWSResources)

    The updated AWS resources to associate with the agent space.

  • :target_domain_ids (Array<String>)

    The updated list of target domain identifiers to associate with the agent space.

  • :code_review_settings (Types::CodeReviewSettings)

    The updated code review settings for the agent space.

Returns:

See Also:



3333
3334
3335
3336
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3333

def update_agent_space(params = {}, options = {})
  req = build_request(:update_agent_space, params)
  req.send_request(options)
end

#update_application(params = {}) ⇒ Types::UpdateApplicationResponse

Updates the configuration of an existing application, including the IAM role and default KMS key.

Examples:

Request syntax with placeholder values


resp = client.update_application({
  application_id: "ApplicationId", # required
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
})

Response structure


resp.application_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :application_id (required, String)

    The unique identifier of the application to update.

  • :role_arn (String)

    The updated Amazon Resource Name (ARN) of the IAM role for the application.

  • :default_kms_key_id (String)

    The updated identifier of the default AWS KMS key for the application.

Returns:

See Also:



3371
3372
3373
3374
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3371

def update_application(params = {}, options = {})
  req = build_request(:update_application, params)
  req.send_request(options)
end

#update_code_review(params = {}) ⇒ Types::UpdateCodeReviewOutput

Updates an existing code review configuration.

Examples:

Request syntax with placeholder values


resp = client.update_code_review({
  code_review_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :code_review_id (required, String)

    The unique identifier of the code review to update.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the code review.

  • :title (String)

    The updated title of the code review.

  • :assets (Types::Assets)

    The updated assets for the code review.

  • :service_role (String)

    The updated IAM service role for the code review.

  • :log_config (Types::CloudWatchLog)

    The updated CloudWatch Logs configuration for the code review.

  • :code_remediation_strategy (String)

    The updated code remediation strategy for the code review.

Returns:

See Also:



3494
3495
3496
3497
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3494

def update_code_review(params = {}, options = {})
  req = build_request(:update_code_review, params)
  req.send_request(options)
end

#update_finding(params = {}) ⇒ Struct

Updates the status or risk level of a security finding.

Examples:

Request syntax with placeholder values


resp = client.update_finding({
  finding_id: "String", # required
  agent_space_id: "String", # required
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :finding_id (required, String)

    The unique identifier of the finding to update.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the finding.

  • :risk_level (String)

    The updated risk level for the finding.

  • :status (String)

    The updated status for the finding.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3528
3529
3530
3531
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3528

def update_finding(params = {}, options = {})
  req = build_request(:update_finding, params)
  req.send_request(options)
end

#update_integrated_resources(params = {}) ⇒ Struct

Updates the integrated resources for an agent space, including their capabilities.

Examples:

Request syntax with placeholder values


resp = client.update_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId", # required
  items: [ # required
    {
      resource: { # required
        github_repository: {
          name: "ProviderResourceName", # required
          owner: "GitHubOwner", # required
        },
      },
      capabilities: {
        github: {
          leave_comments: false,
          remediate_code: false,
        },
      },
    },
  ],
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :agent_space_id (required, String)

    The unique identifier of the agent space.

  • :integration_id (required, String)

    The unique identifier of the integration.

  • :items (required, Array<Types::IntegratedResourceInputItem>)

    The list of integrated resource items to update.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3574
3575
3576
3577
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3574

def update_integrated_resources(params = {}, options = {})
  req = build_request(:update_integrated_resources, params)
  req.send_request(options)
end

#update_pentest(params = {}) ⇒ Types::UpdatePentestOutput

Updates an existing pentest configuration.

Examples:

Request syntax with placeholder values


resp = client.update_pentest({
  pentest_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
})

Response structure


resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :pentest_id (required, String)

    The unique identifier of the pentest to update.

  • :agent_space_id (required, String)

    The unique identifier of the agent space that contains the pentest.

  • :title (String)

    The updated title of the pentest.

  • :assets (Types::Assets)

    The updated assets for the pentest.

  • :exclude_risk_types (Array<String>)

    The updated list of risk types to exclude from the pentest.

  • :service_role (String)

    The updated IAM service role for the pentest.

  • :log_config (Types::CloudWatchLog)

    The updated CloudWatch Logs configuration for the pentest.

  • :vpc_config (Types::VpcConfig)

    The updated VPC configuration for the pentest.

  • :network_traffic_config (Types::NetworkTrafficConfig)

    The updated network traffic configuration for the pentest.

  • :code_remediation_strategy (String)

    The updated code remediation strategy for the pentest.

Returns:

See Also:



3727
3728
3729
3730
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3727

def update_pentest(params = {}, options = {})
  req = build_request(:update_pentest, params)
  req.send_request(options)
end

#update_target_domain(params = {}) ⇒ Types::UpdateTargetDomainOutput

Updates the verification method for a target domain.

Examples:

Request syntax with placeholder values


resp = client.update_target_domain({
  target_domain_id: "TargetDomainId", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
})

Response structure


resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_id (required, String)

    The unique identifier of the target domain to update.

  • :verification_method (required, String)

    The updated verification method for the target domain.

Returns:

See Also:



3776
3777
3778
3779
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3776

def update_target_domain(params = {}, options = {})
  req = build_request(:update_target_domain, params)
  req.send_request(options)
end

#verify_target_domain(params = {}) ⇒ Types::VerifyTargetDomainOutput

Initiates verification of a target domain. This checks whether the domain ownership verification token has been properly configured.

Examples:

Request syntax with placeholder values


resp = client.verify_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure


resp.target_domain_id #=> String
resp.domain_name #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.verified_at #=> Time
resp.status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :target_domain_id (required, String)

    The unique identifier of the target domain to verify.

Returns:

See Also:



3817
3818
3819
3820
 
# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3817

def verify_target_domain(params = {}, options = {})
  req = build_request(:verify_target_domain, params)
  req.send_request(options)
end