create_agent_space
- SecurityAgent.Client.create_agent_space(**kwargs)
Creates an agent space record
See also: AWS API Documentation
Request Syntax
response = client.create_agent_space(
    name='string',
    description='string',
    awsResources={
        'vpcs': [
            {
                'vpcArn': 'string',
                'securityGroupArns': [
                    'string',
                ],
                'subnetArns': [
                    'string',
                ]
            },
        ],
        'logGroups': [
            'string',
        ],
        's3Buckets': [
            'string',
        ],
        'secretArns': [
            'string',
        ],
        'lambdaFunctionArns': [
            'string',
        ],
        'iamRoles': [
            'string',
        ]
    },
    targetDomainIds=[
        'string',
    ],
    codeReviewSettings={
        'controlsScanning': True|False,
        'generalPurposeScanning': True|False
    },
    kmsKeyId='string',
    tags={
        'string': 'string'
    }
)
- Parameters:
name (string) –
[REQUIRED]
Name of the agent space
description (string) – Description of the agent space
awsResources (dict) –
AWS resource configurations associated with the agent space
vpcs (list) –
VPC configurations that the Security Agent accesses in the customer environment
(dict) –
Customer VPC configuration that the Security Agent accesses
vpcArn (string) –
ARN or ID of the customer VPC
securityGroupArns (list) –
List of security group ARNs or IDs in the customer VPC
(string) –
ARN or ID of a security group
subnetArns (list) –
List of subnet ARNs or IDs in the customer VPC
(string) –
ARN or ID of a subnet
logGroups (list) –
CloudWatch log group ARNs or names used to store Security Agent logs
(string) –
Log group ARN or name for agent space AWS resources
s3Buckets (list) –
S3 bucket ARNs or names used to store Security Agent artifacts
(string) –
S3 bucket ARN or name for agent space AWS resources
secretArns (list) –
SecretsManager secret ARNs or names used to store tester credentials for pentests
(string) –
Secret ARN or name for agent space AWS resources
lambdaFunctionArns (list) –
Lambda function ARNs or names used to retrieve tester credentials for pentests
(string) –
Lambda function ARN or name for agent space AWS resources
iamRoles (list) –
IAM role ARNs that the Security Agent can assume to access customer resources
(string) –
ARN of an IAM role that the service can assume to access customer resources
targetDomainIds (list) –
Target domain IDs to associate with the agent space
(string) –
codeReviewSettings (dict) –
Configuration for code review analysis, including controls scanning and general purpose scanning settings
controlsScanning (boolean) – [REQUIRED]
Whether Controls are utilized for code review analysis
generalPurposeScanning (boolean) – [REQUIRED]
Whether general purpose analysis is performed for code review
kmsKeyId (string) – Identifier of the KMS key used to encrypt data. Can be a key ID, key ARN, alias name, or alias ARN. If not specified, an AWS managed key is used.
tags (dict) –
Tags to associate with the agent space
(string) –
Key for a resource tag
(string) –
Value for a resource tag
- Return type:
dict
- Returns:
Response Syntax
{
    'agentSpaceId': 'string',
    'name': 'string',
    'description': 'string',
    'awsResources': {
        'vpcs': [
            {
                'vpcArn': 'string',
                'securityGroupArns': [
                    'string',
                ],
                'subnetArns': [
                    'string',
                ]
            },
        ],
        'logGroups': [
            'string',
        ],
        's3Buckets': [
            'string',
        ],
        'secretArns': [
            'string',
        ],
        'lambdaFunctionArns': [
            'string',
        ],
        'iamRoles': [
            'string',
        ]
    },
    'targetDomainIds': [
        'string',
    ],
    'codeReviewSettings': {
        'controlsScanning': True|False,
        'generalPurposeScanning': True|False
    },
    'kmsKeyId': 'string',
    'createdAt': datetime(2015, 1, 1),
    'updatedAt': datetime(2015, 1, 1)
}
Response Structure
(dict) –
Output for the CreateAgentSpace operation
agentSpaceId (string) –
Unique identifier of the created agent space
name (string) –
Name of the created agent space
description (string) –
Description of the created agent space
awsResources (dict) –
AWS resource configurations associated with the agent space
vpcs (list) –
VPC configurations that the Security Agent accesses in the customer environment
(dict) –
Customer VPC configuration that the Security Agent accesses
vpcArn (string) –
ARN or ID of the customer VPC
securityGroupArns (list) –
List of security group ARNs or IDs in the customer VPC
(string) –
ARN or ID of a security group
subnetArns (list) –
List of subnet ARNs or IDs in the customer VPC
(string) –
ARN or ID of a subnet
logGroups (list) –
CloudWatch log group ARNs or names used to store Security Agent logs
(string) –
Log group ARN or name for agent space AWS resources
s3Buckets (list) –
S3 bucket ARNs or names used to store Security Agent artifacts
(string) –
S3 bucket ARN or name for agent space AWS resources
secretArns (list) –
SecretsManager secret ARNs or names used to store tester credentials for pentests
(string) –
Secret ARN or name for agent space AWS resources
lambdaFunctionArns (list) –
Lambda function ARNs or names used to retrieve tester credentials for pentests
(string) –
Lambda function ARN or name for agent space AWS resources
iamRoles (list) –
IAM role ARNs that the Security Agent can assume to access customer resources
(string) –
ARN of an IAM role that the service can assume to access customer resources
targetDomainIds (list) –
List of target domain IDs registered with the agent space
(string) –
codeReviewSettings (dict) –
Configuration for code review analysis, including controls scanning and general purpose scanning settings
controlsScanning (boolean) –
Whether Controls are utilized for code review analysis
generalPurposeScanning (boolean) –
Whether general purpose analysis is performed for code review
kmsKeyId (string) –
Identifier of the KMS key used to encrypt data. Can be a key ID, key ARN, alias name, or alias ARN. If not specified, an AWS managed key is used.
createdAt (datetime) –
Timestamp when the agent space was created
updatedAt (datetime) –
Timestamp when the agent space was last updated
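Example (added here, not part of the AWS or boto3 documentation): a pre-flight check that validates the arguments documented above before they reach create_agent_space, so that a missing required field, a malformed iamRoles entry, or an omitted kmsKeyId is caught locally. The function names and the require_cmk policy are assumptions of this example; the client is passed in by the caller.

```python
import re

# Parameter names below are taken from the Request Syntax on this page.
TOP_LEVEL = {"name", "description", "awsResources", "targetDomainIds",
             "codeReviewSettings", "kmsKeyId", "tags"}
STRING_LISTS = ("logGroups", "s3Buckets", "secretArns",
                "lambdaFunctionArns", "iamRoles")
# General IAM role ARN shape; iamRoles is the one list documented as ARNs only.
ROLE_ARN = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:role/.+$")

def _is_str_list(value):
    return isinstance(value, list) and all(isinstance(v, str) for v in value)

def validate_agent_space_request(req, require_cmk=True):
    """Return a list of problems; an empty list means the request is acceptable."""
    problems = [f"unknown parameter: {k}" for k in sorted(set(req) - TOP_LEVEL)]
    if not isinstance(req.get("name"), str) or not req["name"]:
        problems.append("name is required")
    settings = req.get("codeReviewSettings")
    if settings is not None:
        for key in ("controlsScanning", "generalPurposeScanning"):
            if not isinstance(settings.get(key), bool):
                problems.append(f"codeReviewSettings.{key} is required (boolean)")
    resources = req.get("awsResources", {})
    for key in sorted(set(resources) - set(STRING_LISTS) - {"vpcs"}):
        problems.append(f"unknown awsResources key: {key}")
    for key in STRING_LISTS:
        if key in resources and not _is_str_list(resources[key]):
            problems.append(f"awsResources.{key} must be a list of strings")
    for i, vpc in enumerate(resources.get("vpcs", [])):
        for key in ("securityGroupArns", "subnetArns"):
            if key in vpc and not _is_str_list(vpc[key]):
                problems.append(f"awsResources.vpcs[{i}].{key} must be a list of strings")
    roles = resources.get("iamRoles", [])
    if _is_str_list(roles):
        problems += [f"iamRoles entry is not a role ARN: {r}"
                     for r in roles if not ROLE_ARN.match(r)]
    # Local policy (assumption, not an API rule): insist on an explicit KMS key,
    # because omitting kmsKeyId falls back to an AWS managed key.
    if require_cmk and not req.get("kmsKeyId"):
        problems.append("kmsKeyId not set: an AWS managed key would be used")
    return problems

def create_agent_space_checked(client, **req):
    """Call client.create_agent_space only if validation passes."""
    problems = validate_agent_space_request(req)
    if problems:
        raise ValueError("; ".join(problems))
    return client.create_agent_space(**req)
```

Pass require_cmk=False to validate_agent_space_request when an AWS managed key is acceptable in your environment.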