Class: Aws::SecurityAgent::Client

Inherits:

Seahorse::Client::Base

• Object
• Seahorse::Client::Base
• Aws::SecurityAgent::Client

Includes:

ClientStubs

Defined in:

gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb

Overview

An API client for SecurityAgent. To construct a client, you need to configure a :region and :credentials.

client = Aws::SecurityAgent::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

For details on configuring region and credentials see the developer guide.

See #initialize for a full list of supported configuration options.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations

• #add_artifact(params = {}) ⇒ Types::AddArtifactOutput

  Uploads an artifact to an agent space.

• #batch_create_security_requirements(params = {}) ⇒ Types::BatchCreateSecurityRequirementsOutput

  Batch creates security requirements in a customer managed pack.

• #batch_delete_code_reviews(params = {}) ⇒ Types::BatchDeleteCodeReviewsOutput

  Deletes one or more code reviews from an agent space.

• #batch_delete_pentests(params = {}) ⇒ Types::BatchDeletePentestsOutput

  Deletes one or more pentests from an agent space.

• #batch_delete_security_requirements(params = {}) ⇒ Types::BatchDeleteSecurityRequirementsOutput

  Batch deletes security requirements from a customer managed pack.

• #batch_delete_threat_models(params = {}) ⇒ Types::BatchDeleteThreatModelsOutput

  Deletes one or more threat models from an agent space.

• #batch_get_agent_spaces(params = {}) ⇒ Types::BatchGetAgentSpacesOutput

  Retrieves information about one or more agent spaces.

• #batch_get_artifact_metadata(params = {}) ⇒ Types::BatchGetArtifactMetadataOutput

  Retrieves metadata for one or more artifacts in an agent space.

• #batch_get_code_review_job_tasks(params = {}) ⇒ Types::BatchGetCodeReviewJobTasksOutput

  Retrieves information about one or more tasks within a code review job.

• #batch_get_code_review_jobs(params = {}) ⇒ Types::BatchGetCodeReviewJobsOutput

  Retrieves information about one or more code review jobs in an agent space.

• #batch_get_code_reviews(params = {}) ⇒ Types::BatchGetCodeReviewsOutput

  Retrieves information about one or more code reviews in an agent space.

• #batch_get_findings(params = {}) ⇒ Types::BatchGetFindingsOutput

  Retrieves information about one or more security findings in an agent space.

• #batch_get_pentest_job_tasks(params = {}) ⇒ Types::BatchGetPentestJobTasksOutput

  Retrieves information about one or more tasks within a pentest job.

• #batch_get_pentest_jobs(params = {}) ⇒ Types::BatchGetPentestJobsOutput

  Retrieves information about one or more pentest jobs in an agent space.

• #batch_get_pentests(params = {}) ⇒ Types::BatchGetPentestsOutput

  Retrieves information about one or more pentests in an agent space.

• #batch_get_security_requirements(params = {}) ⇒ Types::BatchGetSecurityRequirementsOutput

  Batch retrieves security requirements from a pack.

• #batch_get_target_domains(params = {}) ⇒ Types::BatchGetTargetDomainsOutput

  Retrieves information about one or more target domains.

• #batch_get_threat_model_job_tasks(params = {}) ⇒ Types::BatchGetThreatModelJobTasksOutput

  Retrieves information about one or more tasks within a threat model job.

• #batch_get_threat_model_jobs(params = {}) ⇒ Types::BatchGetThreatModelJobsOutput

  Retrieves information about one or more threat model jobs in an agent space.

• #batch_get_threat_models(params = {}) ⇒ Types::BatchGetThreatModelsOutput

  Retrieves information about one or more threat models in an agent space.

• #batch_get_threats(params = {}) ⇒ Types::BatchGetThreatsOutput

  Retrieves information about one or more threats.

• #batch_update_security_requirements(params = {}) ⇒ Types::BatchUpdateSecurityRequirementsOutput

  Batch updates security requirements within a customer managed pack.

• #create_agent_space(params = {}) ⇒ Types::CreateAgentSpaceOutput

  Creates a new agent space.

• #create_application(params = {}) ⇒ Types::CreateApplicationResponse

  Creates a new application.

• #create_code_review(params = {}) ⇒ Types::CreateCodeReviewOutput

  Creates a new code review configuration in an agent space.

• #create_integration(params = {}) ⇒ Types::CreateIntegrationOutput

  Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.

• #create_membership(params = {}) ⇒ Struct

  Creates a new membership, granting a user access to an agent space within an application.

• #create_pentest(params = {}) ⇒ Types::CreatePentestOutput

  Creates a new pentest configuration in an agent space.

• #create_private_connection(params = {}) ⇒ Types::CreatePrivateConnectionOutput

  Creates a private connection for reaching a self-hosted provider instance over private networking using Amazon VPC Lattice.

• #create_security_requirement_pack(params = {}) ⇒ Types::CreateSecurityRequirementPackOutput

  Creates a customer managed security requirement pack.

• #create_target_domain(params = {}) ⇒ Types::CreateTargetDomainOutput

  Creates a new target domain for penetration testing.

• #create_threat(params = {}) ⇒ Types::CreateThreatOutput

  Creates a new threat under a threat model job.

• #create_threat_model(params = {}) ⇒ Types::CreateThreatModelOutput

  Creates a new threat model configuration in an agent space.

• #delete_agent_space(params = {}) ⇒ Types::DeleteAgentSpaceOutput

  Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.

• #delete_application(params = {}) ⇒ Struct

  Deletes an application and its associated configuration, including IAM Identity Center settings.

• #delete_artifact(params = {}) ⇒ Struct

  Deletes an artifact from an agent space.

• #delete_integration(params = {}) ⇒ Struct

  Deletes an integration with a third-party provider.

• #delete_membership(params = {}) ⇒ Struct

  Deletes a membership, revoking a user's access to an agent space.

• #delete_private_connection(params = {}) ⇒ Types::DeletePrivateConnectionOutput

  Deletes a private connection.

• #delete_security_requirement_pack(params = {}) ⇒ Struct

  Deletes a customer managed security requirement pack and all its associated security requirements.

• #delete_target_domain(params = {}) ⇒ Types::DeleteTargetDomainOutput

  Deletes a target domain registration.

• #describe_private_connection(params = {}) ⇒ Types::DescribePrivateConnectionOutput

  Retrieves the details of a private connection.

• #get_application(params = {}) ⇒ Types::GetApplicationResponse

  Retrieves information about an application.

• #get_artifact(params = {}) ⇒ Types::GetArtifactOutput

  Retrieves an artifact from an agent space.

• #get_integration(params = {}) ⇒ Types::GetIntegrationOutput

  Retrieves information about an integration.

• #get_security_requirement_pack(params = {}) ⇒ Types::GetSecurityRequirementPackOutput

  Retrieves information about a security requirement pack.

• #import_security_requirements(params = {}) ⇒ Types::ImportSecurityRequirementsOutput

  Imports security requirements from uploaded documents into a customer managed security requirement pack.

• #initiate_provider_registration(params = {}) ⇒ Types::InitiateProviderRegistrationOutput

  Initiates the OAuth registration flow with a third-party provider.

• #list_agent_spaces(params = {}) ⇒ Types::ListAgentSpacesOutput

  Returns a paginated list of agent space summaries in your account.

• #list_applications(params = {}) ⇒ Types::ListApplicationsResponse

  Returns a paginated list of application summaries in your account.

• #list_artifacts(params = {}) ⇒ Types::ListArtifactsOutput

  Returns a paginated list of artifact summaries for the specified agent space.

• #list_code_review_job_tasks(params = {}) ⇒ Types::ListCodeReviewJobTasksOutput

  Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.

• #list_code_review_jobs_for_code_review(params = {}) ⇒ Types::ListCodeReviewJobsForCodeReviewOutput

  Returns a paginated list of code review job summaries for the specified code review configuration.

• #list_code_reviews(params = {}) ⇒ Types::ListCodeReviewsOutput

  Returns a paginated list of code review summaries for the specified agent space.

• #list_discovered_endpoints(params = {}) ⇒ Types::ListDiscoveredEndpointsOutput

  Returns a paginated list of endpoints discovered during a pentest job execution.

• #list_findings(params = {}) ⇒ Types::ListFindingsOutput

  Lists the security findings for a pentest job.

• #list_integrated_resources(params = {}) ⇒ Types::ListIntegratedResourcesOutput

  Lists the integrated resources for an agent space, optionally filtered by integration or resource type.

• #list_integrations(params = {}) ⇒ Types::ListIntegrationsOutput

  Lists the integrations in your account, optionally filtered by provider or provider type.

• #list_memberships(params = {}) ⇒ Types::ListMembershipsResponse

  Returns a paginated list of membership summaries for the specified agent space within an application.

• #list_pentest_job_tasks(params = {}) ⇒ Types::ListPentestJobTasksOutput

  Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.

• #list_pentest_jobs_for_pentest(params = {}) ⇒ Types::ListPentestJobsForPentestOutput

  Returns a paginated list of pentest job summaries for the specified pentest configuration.

• #list_pentests(params = {}) ⇒ Types::ListPentestsOutput

  Returns a paginated list of pentest summaries for the specified agent space.

• #list_private_connections(params = {}) ⇒ Types::ListPrivateConnectionsOutput

  Lists the private connections in your account.

• #list_security_requirement_packs(params = {}) ⇒ Types::ListSecurityRequirementPacksOutput

  Lists all security requirement packs in the caller's account.

• #list_security_requirements(params = {}) ⇒ Types::ListSecurityRequirementsOutput

  Lists security requirements within a pack.

• #list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceOutput

  Returns the tags associated with the specified resource.

• #list_target_domains(params = {}) ⇒ Types::ListTargetDomainsOutput

  Returns a paginated list of target domain summaries in your account.

• #list_threat_model_job_tasks(params = {}) ⇒ Types::ListThreatModelJobTasksOutput

  Returns a paginated list of task summaries for the specified threat model job.

• #list_threat_model_jobs(params = {}) ⇒ Types::ListThreatModelJobsOutput

  Returns a paginated list of threat model job summaries for the specified threat model.

• #list_threat_models(params = {}) ⇒ Types::ListThreatModelsOutput

  Returns a paginated list of threat model summaries for the specified agent space.

• #list_threats(params = {}) ⇒ Types::ListThreatsOutput

  Returns a paginated list of threats for a threat model job.

• #start_code_remediation(params = {}) ⇒ Struct

  Initiates code remediation for one or more security findings.

• #start_code_review_job(params = {}) ⇒ Types::StartCodeReviewJobOutput

  Starts a new code review job for a code review configuration.

• #start_pentest_job(params = {}) ⇒ Types::StartPentestJobOutput

  Starts a new pentest job for a pentest configuration.

• #start_threat_model_job(params = {}) ⇒ Types::StartThreatModelJobOutput

  Starts a new threat model job for a threat model configuration.

• #stop_code_review_job(params = {}) ⇒ Struct

  Stops a running code review job.

• #stop_pentest_job(params = {}) ⇒ Struct

  Stops a running pentest job.

• #stop_threat_model_job(params = {}) ⇒ Struct

  Stops a running threat model job.

• #tag_resource(params = {}) ⇒ Struct

  Adds tags to a resource.

• #untag_resource(params = {}) ⇒ Struct

  Removes tags from a resource.

• #update_agent_space(params = {}) ⇒ Types::UpdateAgentSpaceOutput

  Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.

• #update_application(params = {}) ⇒ Types::UpdateApplicationResponse

  Updates the configuration of an existing application, including the IAM role and default KMS key.

• #update_code_review(params = {}) ⇒ Types::UpdateCodeReviewOutput

  Updates an existing code review configuration.

• #update_finding(params = {}) ⇒ Struct

  Updates the status or risk level of a security finding.

• #update_integrated_resources(params = {}) ⇒ Struct

  Updates the integrated resources for an agent space, including their capabilities.

• #update_pentest(params = {}) ⇒ Types::UpdatePentestOutput

  Updates an existing pentest configuration.

• #update_private_connection_certificate(params = {}) ⇒ Types::UpdatePrivateConnectionCertificateOutput

  Updates the certificate associated with a private connection.

• #update_security_requirement_pack(params = {}) ⇒ Types::UpdateSecurityRequirementPackOutput

  Updates a security requirement pack.

• #update_target_domain(params = {}) ⇒ Types::UpdateTargetDomainOutput

  Updates the verification method for a target domain.

• #update_threat(params = {}) ⇒ Types::UpdateThreatOutput

  Updates a threat.

• #update_threat_model(params = {}) ⇒ Types::UpdateThreatModelOutput

  Updates an existing threat model configuration.

• #verify_target_domain(params = {}) ⇒ Types::VerifyTargetDomainOutput

  Initiates verification of a target domain.

Instance Method Summary

• #initialize(options) ⇒ Client constructor

  A new instance of Client.

Methods included from ClientStubs

#api_requests, #stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options) ⇒ Client

Returns a new instance of Client.

Parameters:

• options (Hash)

Options Hash (options):

• :plugins (Array<Seahorse::Client::Plugin>) — default: []] —

  A list of plugins to apply to the client. Each plugin is either a class name or an instance of a plugin class.

• :credentials (required, Aws::CredentialProvider) —

  Your AWS credentials used for authentication. This can be any class that includes and implements Aws::CredentialProvider, or instance of any one of the following classes:

  • Aws::Credentials - Used for configuring static, non-refreshing credentials.

  • Aws::SharedCredentials - Used for loading static credentials from a shared file, such as ~/.aws/config.

  • Aws::AssumeRoleCredentials - Used when you need to assume a role.

  • Aws::AssumeRoleWebIdentityCredentials - Used when you need to assume a role after providing credentials via the web.

  • Aws::SSOCredentials - Used for loading credentials from AWS SSO using an access token generated from aws login.

  • Aws::ProcessCredentials - Used for loading credentials from a process that outputs to stdout.

  • Aws::InstanceProfileCredentials - Used for loading credentials from an EC2 IMDS on an EC2 instance.

  • Aws::ECSCredentials - Used for loading credentials from instances running in ECS.

  • Aws::CognitoIdentityCredentials - Used for loading credentials from the Cognito Identity service.

  When :credentials are not configured directly, the following locations will be searched for credentials:

  • Aws.config[:credentials]

  • The :access_key_id, :secret_access_key, :session_token, and :account_id options.

  • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'], ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID'].

  • ~/.aws/credentials

  • ~/.aws/config

  • EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive. Construct and pass an instance of Aws::InstanceProfileCredentials or Aws::ECSCredentials to enable retries and extended timeouts. Instance profile credential fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] to true.

• :region (required, String) —

  The AWS region to connect to. The configured :region is used to determine the service :endpoint. When not passed, a default :region is searched for in the following locations:

  • Aws.config[:region]
  • ENV['AWS_REGION']
  • ENV['AMAZON_REGION']
  • ENV['AWS_DEFAULT_REGION']
  • ~/.aws/credentials
  • ~/.aws/config
• :access_key_id (String)
• :account_id (String)
• :active_endpoint_cache (Boolean) — default: false —

  When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false.

• :adaptive_retry_wait_to_fill (Boolean) — default: true —

  Used only in adaptive retry mode. When true, the request will sleep until there is sufficent client side capacity to retry the request. When false, the request will raise a RetryCapacityNotAvailableError and will not retry instead of sleeping.

• :auth_scheme_preference (Array<String>) —

  A list of preferred authentication schemes to use when making a request. Supported values are: sigv4, sigv4a, httpBearerAuth, and noAuth. When set using ENV['AWS_AUTH_SCHEME_PREFERENCE'] or in shared config as auth_scheme_preference, the value should be a comma-separated list.

• :client_side_monitoring (Boolean) — default: false —

  When true, client-side metrics will be collected for all API requests from this client.

• :client_side_monitoring_client_id (String) — default: "" —

  Allows you to provide an identifier for this client which will be attached to all generated client side metrics. Defaults to an empty string.

• :client_side_monitoring_host (String) — default: "127.0.0.1" —

  Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client side monitoring agent is running on, where client metrics will be published via UDP.

• :client_side_monitoring_port (Integer) — default: 31000 —

  Required for publishing client metrics. The port that the client side monitoring agent is running on, where client metrics will be published via UDP.

• :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) — default: Aws::ClientSideMonitoring::Publisher —

  Allows you to provide a custom client-side monitoring publisher class. By default, will use the Client Side Monitoring Agent Publisher.

• :convert_params (Boolean) — default: true —

  When true, an attempt is made to coerce request parameters into the required types.

• :correct_clock_skew (Boolean) — default: true —

  Used only in standard and adaptive retry modes. Specifies whether to apply a clock skew correction and retry requests with skewed client clocks.

• :defaults_mode (String) — default: "legacy" —

  See DefaultsModeConfiguration for a list of the accepted modes and the configuration defaults that are included.

• :disable_host_prefix_injection (Boolean) — default: false —

  When true, the SDK will not prepend the modeled host prefix to the endpoint.

• :disable_request_compression (Boolean) — default: false —

  When set to 'true' the request body will not be compressed for supported operations.

• :endpoint (String, URI::HTTPS, URI::HTTP) —

  Normally you should not configure the :endpoint option directly. This is normally constructed from the :region option. Configuring :endpoint is normally reserved for connecting to test or custom endpoints. The endpoint should be a URI formatted like:

  'http://example.com'
  'https://example.com'
  'http://example.com:123'
  

• :endpoint_cache_max_entries (Integer) — default: 1000 —

  Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000.

• :endpoint_cache_max_threads (Integer) — default: 10 —

  Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.

• :endpoint_cache_poll_interval (Integer) — default: 60 —

  When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec.

• :endpoint_discovery (Boolean) — default: false —

  When set to true, endpoint discovery will be enabled for operations when available.

• :ignore_configured_endpoint_urls (Boolean) —

  Setting to true disables use of endpoint URLs provided via environment variables and the shared configuration file.

• :log_formatter (Aws::Log::Formatter) — default: Aws::Log::Formatter.default —

  The log formatter.

• :log_level (Symbol) — default: :info —

  The log level to send messages to the :logger at.

• :logger (Logger) —

  The Logger instance to send log messages to. If this option is not set, logging will be disabled.

• :max_attempts (Integer) — default: 3 —

  An integer representing the maximum number attempts that will be made for a single request, including the initial attempt. For example, setting this value to 5 will result in a request being retried up to 4 times. Used in standard and adaptive retry modes.

• :profile (String) — default: "default" —

  Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used.

• :request_checksum_calculation (String) — default: "when_supported" —

  Determines when a checksum will be calculated for request payloads. Values are:

  • when_supported - (default) When set, a checksum will be calculated for all request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true and/or a requestAlgorithmMember is modeled.
  • when_required - When set, a checksum will only be calculated for request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true or where a requestAlgorithmMember is modeled and supplied.
• :request_min_compression_size_bytes (Integer) — default: 10240 —

  The minimum size in bytes that triggers compression for request bodies. The value must be non-negative integer value between 0 and 10485780 bytes inclusive.

• :response_checksum_validation (String) — default: "when_supported" —

  Determines when checksum validation will be performed on response payloads. Values are:

  • when_supported - (default) When set, checksum validation is performed on all response payloads of operations modeled with the httpChecksum trait where responseAlgorithms is modeled, except when no modeled checksum algorithms are supported.
  • when_required - When set, checksum validation is not performed on response payloads of operations unless the checksum algorithm is supported and the requestValidationModeMember member is set to ENABLED.
• :retry_backoff (Proc) —

  A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. This option is only used in the legacy retry mode.

• :retry_base_delay (Float) — default: 0.3 —

  The base delay in seconds used by the default backoff function. This option is only used in the legacy retry mode.

• :retry_jitter (Symbol) — default: :none —

  A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number. This option is only used in the legacy retry mode.

  @see https://www.awsarchitectureblog.com/2015/03/backoff.html

• :retry_limit (Integer) — default: 3 —

  The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors, auth errors, endpoint discovery, and errors from expired credentials. This option is only used in the legacy retry mode.

• :retry_max_delay (Integer) — default: 0 —

  The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function. This option is only used in the legacy retry mode.

• :retry_mode (String) — default: "legacy" —

  Specifies which retry algorithm to use. Values are:

  • legacy - The pre-existing retry behavior. This is the default value if no retry mode is provided.

  • standard - A standardized set of retry rules across the AWS SDKs. This includes support for retry quotas, which limit the number of unsuccessful retries a client can make.

  • adaptive - A retry mode that includes all the functionality of standard mode along with automatic client side throttling.

• :sdk_ua_app_id (String) —

  A unique and opaque application ID that is appended to the User-Agent header as app/sdk_ua_app_id. It should have a maximum length of 50. This variable is sourced from environment variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.

• :secret_access_key (String)
• :session_token (String)
• :sigv4a_signing_region_set (Array) —

  A list of regions that should be signed with SigV4a signing. When not passed, a default :sigv4a_signing_region_set is searched for in the following locations:

  • Aws.config[:sigv4a_signing_region_set]
  • ENV['AWS_SIGV4A_SIGNING_REGION_SET']
  • ~/.aws/config
• :stub_responses (Boolean) — default: false —

  Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

  Please note When response stubbing is enabled, no HTTP requests are made, and retries are disabled.

• :telemetry_provider (Aws::Telemetry::TelemetryProviderBase) — default: Aws::Telemetry::NoOpTelemetryProvider —

  Allows you to provide a telemetry provider, which is used to emit telemetry data. By default, uses NoOpTelemetryProvider which will not record or emit any telemetry data. The SDK supports the following telemetry providers:

  • OpenTelemetry (OTel) - To use the OTel provider, install and require the opentelemetry-sdk gem and then, pass in an instance of a Aws::Telemetry::OTelProvider for telemetry provider.
• :token_provider (Aws::TokenProvider) —

  Your Bearer token used for authentication. This can be any class that includes and implements Aws::TokenProvider, or instance of any one of the following classes:

  • Aws::StaticTokenProvider - Used for configuring static, non-refreshing tokens.

  • Aws::SSOTokenProvider - Used for loading tokens from AWS SSO using an access token generated from aws login.

  When :token_provider is not configured directly, the Aws::TokenProviderChain will be used to search for tokens configured for your profile in shared configuration files.

• :use_dualstack_endpoint (Boolean) —

  When set to true, dualstack enabled endpoints (with .aws TLD) will be used if available.

• :use_fips_endpoint (Boolean) —

  When set to true, fips compatible endpoints will be used if available. When a fips region is used, the region is normalized and this config is set to true.

• :validate_params (Boolean) — default: true —

  When true, request parameters are validated before sending the request.

• :endpoint_provider (Aws::SecurityAgent::EndpointProvider) —

  The endpoint provider used to resolve endpoints. Any object that responds to #resolve_endpoint(parameters) where parameters is a Struct similar to Aws::SecurityAgent::EndpointParameters.

• :http_continue_timeout (Float) — default: 1 —

  The number of seconds to wait for a 100-continue response before sending the request body. This option has no effect unless the request has "Expect" header set to "100-continue". Defaults to nil which disables this behaviour. This value can safely be set per request on the session.

• :http_idle_timeout (Float) — default: 5 —

  The number of seconds a connection is allowed to sit idle before it is considered stale. Stale connections are closed and removed from the pool before making a request.

• :http_open_timeout (Float) — default: 15 —

  The default number of seconds to wait for response data. This value can safely be set per-request on the session.

• :http_proxy (URI::HTTP, String) —

  A proxy to send requests through. Formatted like 'http://proxy.com:123'.

• :http_read_timeout (Float) — default: 60 —

  The default number of seconds to wait for response data. This value can safely be set per-request on the session.

• :http_wire_trace (Boolean) — default: false —

  When true, HTTP debug output will be sent to the :logger.

• :on_chunk_received (Proc) —

  When a Proc object is provided, it will be used as callback when each chunk of the response body is received. It provides three arguments: the chunk, the number of bytes received, and the total number of bytes in the response (or nil if the server did not send a content-length).

• :on_chunk_sent (Proc) —

  When a Proc object is provided, it will be used as callback when each chunk of the request body is sent. It provides three arguments: the chunk, the number of bytes read from the body, and the total number of bytes in the body.

• :raise_response_errors (Boolean) — default: true —

  When true, response errors are raised.

• :ssl_ca_bundle (String) —

  Full path to the SSL certificate authority bundle file that should be used when verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

• :ssl_ca_directory (String) —

  Full path of the directory that contains the unbundled SSL certificate authority files for verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

• :ssl_ca_store (String) —

  Sets the X509::Store to verify peer certificate.

• :ssl_cert (OpenSSL::X509::Certificate) —

  Sets a client certificate when creating http connections.

• :ssl_key (OpenSSL::PKey) —

  Sets a client key when creating http connections.

• :ssl_timeout (Float) —

  Sets the SSL timeout in seconds

• :ssl_verify_peer (Boolean) — default: true —

  When true, SSL peer certificates are verified when establishing a connection.

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 471

def initialize(*args)
  super
end

Instance Method Details

#add_artifact(params = {}) ⇒ Types::AddArtifactOutput

Uploads an artifact to an agent space. Artifacts provide additional context for security testing, such as architecture diagrams, API specifications, or configuration files.

Examples:

Request syntax with placeholder values

resp = client.add_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_content: "data", # required
  artifact_type: "TXT", # required, accepts TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, YAML
  file_name: "String", # required
})

Response structure

resp.artifact_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to add the artifact to.

• :artifact_content (required, String, StringIO, File) —

  The binary content of the artifact to upload.

• :artifact_type (required, String) —

  The file type of the artifact. Valid values include TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, and YAML.

• :file_name (required, String) —

  The file name of the artifact.

Returns:

• (Types::AddArtifactOutput) —

  Returns a response object which responds to the following methods:

  • #artifact_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 515

def add_artifact(params = {}, options = {})
  req = build_request(:add_artifact, params)
  req.send_request(options)
end

#batch_create_security_requirements(params = {}) ⇒ Types::BatchCreateSecurityRequirementsOutput

Batch creates security requirements in a customer managed pack.

Examples:

Request syntax with placeholder values

resp = client.batch_create_security_requirements({
  pack_id: "SecurityRequirementPackId", # required
  security_requirements: [ # required
    {
      name: "SecurityRequirementName", # required
      description: "String", # required
      domain: "String", # required
      evaluation: "String", # required
      remediation: "String",
    },
  ],
})

Response structure

resp.security_requirements #=> Array
resp.security_requirements[0].pack_id #=> String
resp.security_requirements[0].name #=> String
resp.security_requirements[0].description #=> String
resp.security_requirements[0].domain #=> String
resp.security_requirements[0].evaluation #=> String
resp.security_requirements[0].remediation #=> String
resp.security_requirements[0].created_at #=> Time
resp.security_requirements[0].updated_at #=> Time
resp.errors #=> Array
resp.errors[0].security_requirement_name #=> String
resp.errors[0].code #=> String
resp.errors[0].message #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to add requirements to.

• :security_requirements (required, Array<Types::CreateSecurityRequirementEntry>) —

  The list of security requirements to create.

Returns:

• (Types::BatchCreateSecurityRequirementsOutput) —

  Returns a response object which responds to the following methods:

  • #security_requirements => Array<Types::BatchCreateSecurityRequirementResult>
  • #errors => Array<Types::BatchSecurityRequirementError>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 569

def batch_create_security_requirements(params = {}, options = {})
  req = build_request(:batch_create_security_requirements, params)
  req.send_request(options)
end

#batch_delete_code_reviews(params = {}) ⇒ Types::BatchDeleteCodeReviewsOutput

Deletes one or more code reviews from an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_delete_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.deleted #=> Array
resp.deleted[0] #=> String
resp.failed #=> Array
resp.failed[0].code_review_id #=> String
resp.failed[0].reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_ids (required, Array<String>) —

  The list of code review identifiers to delete.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code reviews to delete.

Returns:

• (Types::BatchDeleteCodeReviewsOutput) —

  Returns a response object which responds to the following methods:

  • #deleted => Array<String>
  • #failed => Array<Types::DeleteCodeReviewFailure>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 607

def batch_delete_code_reviews(params = {}, options = {})
  req = build_request(:batch_delete_code_reviews, params)
  req.send_request(options)
end

#batch_delete_pentests(params = {}) ⇒ Types::BatchDeletePentestsOutput

Deletes one or more pentests from an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_delete_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.deleted #=> Array
resp.deleted[0].pentest_id #=> String
resp.deleted[0].agent_space_id #=> String
resp.deleted[0].title #=> String
resp.deleted[0].assets.endpoints #=> Array
resp.deleted[0].assets.endpoints[0].uri #=> String
resp.deleted[0].assets.actors #=> Array
resp.deleted[0].assets.actors[0].identifier #=> String
resp.deleted[0].assets.actors[0].uris #=> Array
resp.deleted[0].assets.actors[0].uris[0] #=> String
resp.deleted[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.deleted[0].assets.actors[0].authentication.value #=> String
resp.deleted[0].assets.actors[0].description #=> String
resp.deleted[0].assets.documents #=> Array
resp.deleted[0].assets.documents[0].s3_location #=> String
resp.deleted[0].assets.documents[0].artifact_id #=> String
resp.deleted[0].assets.documents[0].integrated_document.integration_id #=> String
resp.deleted[0].assets.documents[0].integrated_document.resource_id #=> String
resp.deleted[0].assets.source_code #=> Array
resp.deleted[0].assets.source_code[0].s3_location #=> String
resp.deleted[0].assets.integrated_repositories #=> Array
resp.deleted[0].assets.integrated_repositories[0].integration_id #=> String
resp.deleted[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.deleted[0].exclude_risk_types #=> Array
resp.deleted[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.deleted[0].service_role #=> String
resp.deleted[0].log_config.log_group #=> String
resp.deleted[0].log_config.log_stream #=> String
resp.deleted[0].vpc_config.vpc_arn #=> String
resp.deleted[0].vpc_config.security_group_arns #=> Array
resp.deleted[0].vpc_config.security_group_arns[0] #=> String
resp.deleted[0].vpc_config.subnet_arns #=> Array
resp.deleted[0].vpc_config.subnet_arns[0] #=> String
resp.deleted[0].network_traffic_config.rules #=> Array
resp.deleted[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.deleted[0].network_traffic_config.rules[0].pattern #=> String
resp.deleted[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.deleted[0].network_traffic_config.custom_headers #=> Array
resp.deleted[0].network_traffic_config.custom_headers[0].name #=> String
resp.deleted[0].network_traffic_config.custom_headers[0].value #=> String
resp.deleted[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.deleted[0].clean_up_strategy #=> String, one of "BEST_EFFORT_DELETE", "RETAIN_ALL"
resp.deleted[0].disable_managed_skills #=> Array
resp.deleted[0].disable_managed_skills[0] #=> String, one of "FINDING_PERSONALIZATION", "LOGIN_OPTIMIZATION"
resp.deleted[0].created_at #=> Time
resp.deleted[0].updated_at #=> Time
resp.failed #=> Array
resp.failed[0].pentest_id #=> String
resp.failed[0].reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_ids (required, Array<String>) —

  The list of pentest identifiers to delete.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentests to delete.

Returns:

• (Types::BatchDeletePentestsOutput) —

  Returns a response object which responds to the following methods:

  • #deleted => Array<Types::Pentest>
  • #failed => Array<Types::DeletePentestFailure>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 689

def batch_delete_pentests(params = {}, options = {})
  req = build_request(:batch_delete_pentests, params)
  req.send_request(options)
end

#batch_delete_security_requirements(params = {}) ⇒ Types::BatchDeleteSecurityRequirementsOutput

Batch deletes security requirements from a customer managed pack.

Examples:

Request syntax with placeholder values

resp = client.batch_delete_security_requirements({
  pack_id: "SecurityRequirementPackId", # required
  security_requirement_names: ["SecurityRequirementName"], # required
})

Response structure

resp.deleted_security_requirement_names #=> Array
resp.deleted_security_requirement_names[0] #=> String
resp.errors #=> Array
resp.errors[0].security_requirement_name #=> String
resp.errors[0].code #=> String
resp.errors[0].message #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to remove requirements from.

• :security_requirement_names (required, Array<String>) —

  The list of security requirement names to delete.

Returns:

• (Types::BatchDeleteSecurityRequirementsOutput) —

  Returns a response object which responds to the following methods:

  • #deleted_security_requirement_names => Array<String>
  • #errors => Array<Types::BatchSecurityRequirementError>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 728

def batch_delete_security_requirements(params = {}, options = {})
  req = build_request(:batch_delete_security_requirements, params)
  req.send_request(options)
end

#batch_delete_threat_models(params = {}) ⇒ Types::BatchDeleteThreatModelsOutput

Deletes one or more threat models from an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_delete_threat_models({
  threat_model_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.deleted #=> Array
resp.deleted[0] #=> String
resp.failed #=> Array
resp.failed[0].threat_model_id #=> String
resp.failed[0].reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :threat_model_ids (required, Array<String>) —

  The list of threat model identifiers to delete.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the threat models to delete.

Returns:

• (Types::BatchDeleteThreatModelsOutput) —

  Returns a response object which responds to the following methods:

  • #deleted => Array<String>
  • #failed => Array<Types::DeleteThreatModelFailure>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 766

def batch_delete_threat_models(params = {}, options = {})
  req = build_request(:batch_delete_threat_models, params)
  req.send_request(options)
end

#batch_get_agent_spaces(params = {}) ⇒ Types::BatchGetAgentSpacesOutput

Retrieves information about one or more agent spaces.

Examples:

Request syntax with placeholder values

resp = client.batch_get_agent_spaces({
  agent_space_ids: ["AgentSpaceId"], # required
})

Response structure

resp.agent_spaces #=> Array
resp.agent_spaces[0].agent_space_id #=> String
resp.agent_spaces[0].name #=> String
resp.agent_spaces[0].description #=> String
resp.agent_spaces[0].aws_resources.vpcs #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].vpc_arn #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns #=> Array
resp.agent_spaces[0].aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.agent_spaces[0].aws_resources.log_groups #=> Array
resp.agent_spaces[0].aws_resources.log_groups[0] #=> String
resp.agent_spaces[0].aws_resources.s3_buckets #=> Array
resp.agent_spaces[0].aws_resources.s3_buckets[0] #=> String
resp.agent_spaces[0].aws_resources.secret_arns #=> Array
resp.agent_spaces[0].aws_resources.secret_arns[0] #=> String
resp.agent_spaces[0].aws_resources.lambda_function_arns #=> Array
resp.agent_spaces[0].aws_resources.lambda_function_arns[0] #=> String
resp.agent_spaces[0].aws_resources.iam_roles #=> Array
resp.agent_spaces[0].aws_resources.iam_roles[0] #=> String
resp.agent_spaces[0].target_domain_ids #=> Array
resp.agent_spaces[0].target_domain_ids[0] #=> String
resp.agent_spaces[0].code_review_settings.controls_scanning #=> Boolean
resp.agent_spaces[0].code_review_settings.general_purpose_scanning #=> Boolean
resp.agent_spaces[0].kms_key_id #=> String
resp.agent_spaces[0].created_at #=> Time
resp.agent_spaces[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_ids (required, Array<String>) —

  The list of agent space identifiers to retrieve.

Returns:

• (Types::BatchGetAgentSpacesOutput) —

  Returns a response object which responds to the following methods:

  • #agent_spaces => Array<Types::AgentSpace>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 823

def batch_get_agent_spaces(params = {}, options = {})
  req = build_request(:batch_get_agent_spaces, params)
  req.send_request(options)
end

#batch_get_artifact_metadata(params = {}) ⇒ Types::BatchGetArtifactMetadataOutput

Retrieves metadata for one or more artifacts in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_artifact_metadata({
  agent_space_id: "AgentSpaceId", # required
  artifact_ids: ["ArtifactId"], # required
})

Response structure

resp.artifact_metadata_list #=> Array
resp.artifact_metadata_list[0].agent_space_id #=> String
resp.artifact_metadata_list[0].artifact_id #=> String
resp.artifact_metadata_list[0].file_name #=> String
resp.artifact_metadata_list[0].updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the artifacts.

• :artifact_ids (required, Array<String>) —

  The list of artifact identifiers to retrieve metadata for.

Returns:

• (Types::BatchGetArtifactMetadataOutput) —

  Returns a response object which responds to the following methods:

  • #artifact_metadata_list => Array<Types::ArtifactMetadataItem>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 859

def batch_get_artifact_metadata(params = {}, options = {})
  req = build_request(:batch_get_artifact_metadata, params)
  req.send_request(options)
end

#batch_get_code_review_job_tasks(params = {}) ⇒ Types::BatchGetCodeReviewJobTasksOutput

Retrieves information about one or more tasks within a code review job.

Examples:

Request syntax with placeholder values

resp = client.batch_get_code_review_job_tasks({
  agent_space_id: "String", # required
  code_review_job_task_ids: ["String"], # required
})

Response structure

resp.code_review_job_tasks #=> Array
resp.code_review_job_tasks[0].task_id #=> String
resp.code_review_job_tasks[0].code_review_id #=> String
resp.code_review_job_tasks[0].code_review_job_id #=> String
resp.code_review_job_tasks[0].agent_space_id #=> String
resp.code_review_job_tasks[0].title #=> String
resp.code_review_job_tasks[0].description #=> String
resp.code_review_job_tasks[0].categories #=> Array
resp.code_review_job_tasks[0].categories[0].name #=> String
resp.code_review_job_tasks[0].categories[0].is_primary #=> Boolean
resp.code_review_job_tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.code_review_job_tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.code_review_job_tasks[0].created_at #=> Time
resp.code_review_job_tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the tasks.

• :code_review_job_task_ids (required, Array<String>) —

  The list of task identifiers to retrieve.

Returns:

• (Types::BatchGetCodeReviewJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_job_tasks => Array<Types::CodeReviewJobTask>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 911

def batch_get_code_review_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_code_review_job_tasks, params)
  req.send_request(options)
end

#batch_get_code_review_jobs(params = {}) ⇒ Types::BatchGetCodeReviewJobsOutput

Retrieves information about one or more code review jobs in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_code_review_jobs({
  code_review_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.code_review_jobs #=> Array
resp.code_review_jobs[0].code_review_job_id #=> String
resp.code_review_jobs[0].code_review_id #=> String
resp.code_review_jobs[0].title #=> String
resp.code_review_jobs[0].overview #=> String
resp.code_review_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_jobs[0].documents #=> Array
resp.code_review_jobs[0].documents[0].s3_location #=> String
resp.code_review_jobs[0].documents[0].artifact_id #=> String
resp.code_review_jobs[0].documents[0].integrated_document.integration_id #=> String
resp.code_review_jobs[0].documents[0].integrated_document.resource_id #=> String
resp.code_review_jobs[0].source_code #=> Array
resp.code_review_jobs[0].source_code[0].s3_location #=> String
resp.code_review_jobs[0].steps #=> Array
resp.code_review_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING", "VALIDATION"
resp.code_review_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.code_review_jobs[0].steps[0].created_at #=> Time
resp.code_review_jobs[0].steps[0].updated_at #=> Time
resp.code_review_jobs[0].execution_context #=> Array
resp.code_review_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.code_review_jobs[0].execution_context[0].context #=> String
resp.code_review_jobs[0].execution_context[0].timestamp #=> Time
resp.code_review_jobs[0].service_role #=> String
resp.code_review_jobs[0].log_config.log_group #=> String
resp.code_review_jobs[0].log_config.log_stream #=> String
resp.code_review_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.code_review_jobs[0].error_information.message #=> String
resp.code_review_jobs[0].integrated_repositories #=> Array
resp.code_review_jobs[0].integrated_repositories[0].integration_id #=> String
resp.code_review_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.code_review_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_review_jobs[0].created_at #=> Time
resp.code_review_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_job_ids (required, Array<String>) —

  The list of code review job identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code review jobs.

Returns:

• (Types::BatchGetCodeReviewJobsOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_jobs => Array<Types::CodeReviewJob>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 980

def batch_get_code_review_jobs(params = {}, options = {})
  req = build_request(:batch_get_code_review_jobs, params)
  req.send_request(options)
end

#batch_get_code_reviews(params = {}) ⇒ Types::BatchGetCodeReviewsOutput

Retrieves information about one or more code reviews in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_code_reviews({
  code_review_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.code_reviews #=> Array
resp.code_reviews[0].code_review_id #=> String
resp.code_reviews[0].agent_space_id #=> String
resp.code_reviews[0].title #=> String
resp.code_reviews[0].assets.endpoints #=> Array
resp.code_reviews[0].assets.endpoints[0].uri #=> String
resp.code_reviews[0].assets.actors #=> Array
resp.code_reviews[0].assets.actors[0].identifier #=> String
resp.code_reviews[0].assets.actors[0].uris #=> Array
resp.code_reviews[0].assets.actors[0].uris[0] #=> String
resp.code_reviews[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.code_reviews[0].assets.actors[0].authentication.value #=> String
resp.code_reviews[0].assets.actors[0].description #=> String
resp.code_reviews[0].assets.documents #=> Array
resp.code_reviews[0].assets.documents[0].s3_location #=> String
resp.code_reviews[0].assets.documents[0].artifact_id #=> String
resp.code_reviews[0].assets.documents[0].integrated_document.integration_id #=> String
resp.code_reviews[0].assets.documents[0].integrated_document.resource_id #=> String
resp.code_reviews[0].assets.source_code #=> Array
resp.code_reviews[0].assets.source_code[0].s3_location #=> String
resp.code_reviews[0].assets.integrated_repositories #=> Array
resp.code_reviews[0].assets.integrated_repositories[0].integration_id #=> String
resp.code_reviews[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.code_reviews[0].service_role #=> String
resp.code_reviews[0].log_config.log_group #=> String
resp.code_reviews[0].log_config.log_stream #=> String
resp.code_reviews[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.code_reviews[0].validation_mode #=> String, one of "DISABLED", "SIMULATED"
resp.code_reviews[0].created_at #=> Time
resp.code_reviews[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_ids (required, Array<String>) —

  The list of code review identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code reviews.

Returns:

• (Types::BatchGetCodeReviewsOutput) —

  Returns a response object which responds to the following methods:

  • #code_reviews => Array<Types::CodeReview>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1046

def batch_get_code_reviews(params = {}, options = {})
  req = build_request(:batch_get_code_reviews, params)
  req.send_request(options)
end

#batch_get_findings(params = {}) ⇒ Types::BatchGetFindingsOutput

Retrieves information about one or more security findings in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_findings({
  finding_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.findings #=> Array
resp.findings[0].finding_id #=> String
resp.findings[0].agent_space_id #=> String
resp.findings[0].pentest_id #=> String
resp.findings[0].pentest_job_id #=> String
resp.findings[0].code_review_id #=> String
resp.findings[0].code_review_job_id #=> String
resp.findings[0].task_id #=> String
resp.findings[0].name #=> String
resp.findings[0].description #=> String
resp.findings[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings[0].risk_type #=> String
resp.findings[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings[0].risk_score #=> String
resp.findings[0].reasoning #=> String
resp.findings[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings[0].validation_status #=> String, one of "CONFIRMED", "NOT_REPRODUCED", "VALIDATION_FAILED", "VALIDATING", "NOT_VALIDATED"
resp.findings[0].attack_script #=> String
resp.findings[0].code_remediation_task.status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED"
resp.findings[0].code_remediation_task.status_reason #=> String
resp.findings[0].code_remediation_task.task_details #=> Array
resp.findings[0].code_remediation_task.task_details[0].repo_name #=> String
resp.findings[0].code_remediation_task.task_details[0].code_diff_link #=> String
resp.findings[0].code_remediation_task.task_details[0].pull_request_link #=> String
resp.findings[0].last_updated_by #=> String
resp.findings[0].customer_note #=> String
resp.findings[0].code_locations #=> Array
resp.findings[0].code_locations[0].file_path #=> String
resp.findings[0].code_locations[0].line_start #=> Integer
resp.findings[0].code_locations[0].line_end #=> Integer
resp.findings[0].code_locations[0].label #=> String
resp.findings[0].verification_script.script_type #=> String
resp.findings[0].verification_script.script_url #=> String
resp.findings[0].verification_script.instructions #=> String
resp.findings[0].verification_script.env_vars #=> Array
resp.findings[0].verification_script.env_vars[0].name #=> String
resp.findings[0].verification_script.env_vars[0].value #=> String
resp.findings[0].alignment_rationale #=> String
resp.findings[0].created_at #=> Time
resp.findings[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :finding_ids (required, Array<String>) —

  The list of finding identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the findings.

Returns:

• (Types::BatchGetFindingsOutput) —

  Returns a response object which responds to the following methods:

  • #findings => Array<Types::Finding>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1121

def batch_get_findings(params = {}, options = {})
  req = build_request(:batch_get_findings, params)
  req.send_request(options)
end

#batch_get_pentest_job_tasks(params = {}) ⇒ Types::BatchGetPentestJobTasksOutput

Retrieves information about one or more tasks within a pentest job.

Examples:

Request syntax with placeholder values

resp = client.batch_get_pentest_job_tasks({
  agent_space_id: "String", # required
  task_ids: ["String"], # required
})

Response structure

resp.tasks #=> Array
resp.tasks[0].task_id #=> String
resp.tasks[0].pentest_id #=> String
resp.tasks[0].pentest_job_id #=> String
resp.tasks[0].agent_space_id #=> String
resp.tasks[0].title #=> String
resp.tasks[0].description #=> String
resp.tasks[0].categories #=> Array
resp.tasks[0].categories[0].name #=> String
resp.tasks[0].categories[0].is_primary #=> Boolean
resp.tasks[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.tasks[0].target_endpoint.uri #=> String
resp.tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.tasks[0].created_at #=> Time
resp.tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the tasks.

• :task_ids (required, Array<String>) —

  The list of task identifiers to retrieve.

Returns:

• (Types::BatchGetPentestJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #tasks => Array<Types::Task>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1173

def batch_get_pentest_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_pentest_job_tasks, params)
  req.send_request(options)
end

#batch_get_pentest_jobs(params = {}) ⇒ Types::BatchGetPentestJobsOutput

Retrieves information about one or more pentest jobs in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_pentest_jobs({
  pentest_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.pentest_jobs #=> Array
resp.pentest_jobs[0].pentest_job_id #=> String
resp.pentest_jobs[0].pentest_id #=> String
resp.pentest_jobs[0].title #=> String
resp.pentest_jobs[0].overview #=> String
resp.pentest_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_jobs[0].endpoints #=> Array
resp.pentest_jobs[0].endpoints[0].uri #=> String
resp.pentest_jobs[0].actors #=> Array
resp.pentest_jobs[0].actors[0].identifier #=> String
resp.pentest_jobs[0].actors[0].uris #=> Array
resp.pentest_jobs[0].actors[0].uris[0] #=> String
resp.pentest_jobs[0].actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentest_jobs[0].actors[0].authentication.value #=> String
resp.pentest_jobs[0].actors[0].description #=> String
resp.pentest_jobs[0].documents #=> Array
resp.pentest_jobs[0].documents[0].s3_location #=> String
resp.pentest_jobs[0].documents[0].artifact_id #=> String
resp.pentest_jobs[0].documents[0].integrated_document.integration_id #=> String
resp.pentest_jobs[0].documents[0].integrated_document.resource_id #=> String
resp.pentest_jobs[0].source_code #=> Array
resp.pentest_jobs[0].source_code[0].s3_location #=> String
resp.pentest_jobs[0].exclude_paths #=> Array
resp.pentest_jobs[0].exclude_paths[0].uri #=> String
resp.pentest_jobs[0].allowed_domains #=> Array
resp.pentest_jobs[0].allowed_domains[0].uri #=> String
resp.pentest_jobs[0].exclude_risk_types #=> Array
resp.pentest_jobs[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentest_jobs[0].steps #=> Array
resp.pentest_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING", "VALIDATION"
resp.pentest_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
resp.pentest_jobs[0].steps[0].created_at #=> Time
resp.pentest_jobs[0].steps[0].updated_at #=> Time
resp.pentest_jobs[0].execution_context #=> Array
resp.pentest_jobs[0].execution_context[0].context_type #=> String, one of "ERROR", "CLIENT_ERROR", "WARNING", "INFO"
resp.pentest_jobs[0].execution_context[0].context #=> String
resp.pentest_jobs[0].execution_context[0].timestamp #=> Time
resp.pentest_jobs[0].service_role #=> String
resp.pentest_jobs[0].log_config.log_group #=> String
resp.pentest_jobs[0].log_config.log_stream #=> String
resp.pentest_jobs[0].vpc_config.vpc_arn #=> String
resp.pentest_jobs[0].vpc_config.security_group_arns #=> Array
resp.pentest_jobs[0].vpc_config.security_group_arns[0] #=> String
resp.pentest_jobs[0].vpc_config.subnet_arns #=> Array
resp.pentest_jobs[0].vpc_config.subnet_arns[0] #=> String
resp.pentest_jobs[0].network_traffic_config.rules #=> Array
resp.pentest_jobs[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentest_jobs[0].network_traffic_config.rules[0].pattern #=> String
resp.pentest_jobs[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentest_jobs[0].network_traffic_config.custom_headers #=> Array
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentest_jobs[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentest_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.pentest_jobs[0].error_information.message #=> String
resp.pentest_jobs[0].integrated_repositories #=> Array
resp.pentest_jobs[0].integrated_repositories[0].integration_id #=> String
resp.pentest_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.pentest_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentest_jobs[0].clean_up_strategy #=> String, one of "BEST_EFFORT_DELETE", "RETAIN_ALL"
resp.pentest_jobs[0].disable_managed_skills #=> Array
resp.pentest_jobs[0].disable_managed_skills[0] #=> String, one of "FINDING_PERSONALIZATION", "LOGIN_OPTIMIZATION"
resp.pentest_jobs[0].created_at #=> Time
resp.pentest_jobs[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_job_ids (required, Array<String>) —

  The list of pentest job identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentest jobs.

Returns:

• (Types::BatchGetPentestJobsOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_jobs => Array<Types::PentestJob>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1272

def batch_get_pentest_jobs(params = {}, options = {})
  req = build_request(:batch_get_pentest_jobs, params)
  req.send_request(options)
end

#batch_get_pentests(params = {}) ⇒ Types::BatchGetPentestsOutput

Retrieves information about one or more pentests in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_pentests({
  pentest_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.pentests #=> Array
resp.pentests[0].pentest_id #=> String
resp.pentests[0].agent_space_id #=> String
resp.pentests[0].title #=> String
resp.pentests[0].assets.endpoints #=> Array
resp.pentests[0].assets.endpoints[0].uri #=> String
resp.pentests[0].assets.actors #=> Array
resp.pentests[0].assets.actors[0].identifier #=> String
resp.pentests[0].assets.actors[0].uris #=> Array
resp.pentests[0].assets.actors[0].uris[0] #=> String
resp.pentests[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.pentests[0].assets.actors[0].authentication.value #=> String
resp.pentests[0].assets.actors[0].description #=> String
resp.pentests[0].assets.documents #=> Array
resp.pentests[0].assets.documents[0].s3_location #=> String
resp.pentests[0].assets.documents[0].artifact_id #=> String
resp.pentests[0].assets.documents[0].integrated_document.integration_id #=> String
resp.pentests[0].assets.documents[0].integrated_document.resource_id #=> String
resp.pentests[0].assets.source_code #=> Array
resp.pentests[0].assets.source_code[0].s3_location #=> String
resp.pentests[0].assets.integrated_repositories #=> Array
resp.pentests[0].assets.integrated_repositories[0].integration_id #=> String
resp.pentests[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.pentests[0].exclude_risk_types #=> Array
resp.pentests[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.pentests[0].service_role #=> String
resp.pentests[0].log_config.log_group #=> String
resp.pentests[0].log_config.log_stream #=> String
resp.pentests[0].vpc_config.vpc_arn #=> String
resp.pentests[0].vpc_config.security_group_arns #=> Array
resp.pentests[0].vpc_config.security_group_arns[0] #=> String
resp.pentests[0].vpc_config.subnet_arns #=> Array
resp.pentests[0].vpc_config.subnet_arns[0] #=> String
resp.pentests[0].network_traffic_config.rules #=> Array
resp.pentests[0].network_traffic_config.rules[0].effect #=> String, one of "ALLOW", "DENY"
resp.pentests[0].network_traffic_config.rules[0].pattern #=> String
resp.pentests[0].network_traffic_config.rules[0].network_traffic_rule_type #=> String, one of "URL"
resp.pentests[0].network_traffic_config.custom_headers #=> Array
resp.pentests[0].network_traffic_config.custom_headers[0].name #=> String
resp.pentests[0].network_traffic_config.custom_headers[0].value #=> String
resp.pentests[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.pentests[0].clean_up_strategy #=> String, one of "BEST_EFFORT_DELETE", "RETAIN_ALL"
resp.pentests[0].disable_managed_skills #=> Array
resp.pentests[0].disable_managed_skills[0] #=> String, one of "FINDING_PERSONALIZATION", "LOGIN_OPTIMIZATION"
resp.pentests[0].created_at #=> Time
resp.pentests[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_ids (required, Array<String>) —

  The list of pentest identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentests.

Returns:

• (Types::BatchGetPentestsOutput) —

  Returns a response object which responds to the following methods:

  • #pentests => Array<Types::Pentest>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1352

def batch_get_pentests(params = {}, options = {})
  req = build_request(:batch_get_pentests, params)
  req.send_request(options)
end

#batch_get_security_requirements(params = {}) ⇒ Types::BatchGetSecurityRequirementsOutput

Batch retrieves security requirements from a pack.

Examples:

Request syntax with placeholder values

resp = client.batch_get_security_requirements({
  pack_id: "SecurityRequirementPackId", # required
  security_requirement_names: ["SecurityRequirementName"], # required
})

Response structure

resp.security_requirements #=> Array
resp.security_requirements[0].pack_id #=> String
resp.security_requirements[0].name #=> String
resp.security_requirements[0].description #=> String
resp.security_requirements[0].domain #=> String
resp.security_requirements[0].evaluation #=> String
resp.security_requirements[0].remediation #=> String
resp.security_requirements[0].created_at #=> Time
resp.security_requirements[0].updated_at #=> Time
resp.errors #=> Array
resp.errors[0].security_requirement_name #=> String
resp.errors[0].code #=> String
resp.errors[0].message #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to retrieve requirements from.

• :security_requirement_names (required, Array<String>) —

  The list of security requirement names to retrieve.

Returns:

• (Types::BatchGetSecurityRequirementsOutput) —

  Returns a response object which responds to the following methods:

  • #security_requirements => Array<Types::BatchGetSecurityRequirementResult>
  • #errors => Array<Types::BatchSecurityRequirementError>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1398

def batch_get_security_requirements(params = {}, options = {})
  req = build_request(:batch_get_security_requirements, params)
  req.send_request(options)
end

#batch_get_target_domains(params = {}) ⇒ Types::BatchGetTargetDomainsOutput

Retrieves information about one or more target domains.

Examples:

Request syntax with placeholder values

resp = client.batch_get_target_domains({
  target_domain_ids: ["String"], # required
})

Response structure

resp.target_domains #=> Array
resp.target_domains[0].target_domain_id #=> String
resp.target_domains[0].domain_name #=> String
resp.target_domains[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.target_domains[0].verification_status_reason #=> String
resp.target_domains[0].verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.target_domains[0].verification_details.dns_txt.token #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_name #=> String
resp.target_domains[0].verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.target_domains[0].verification_details.http_route.token #=> String
resp.target_domains[0].verification_details.http_route.route_path #=> String
resp.target_domains[0].created_at #=> Time
resp.target_domains[0].verified_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_ids (required, Array<String>) —

  The list of target domain identifiers to retrieve.

Returns:

• (Types::BatchGetTargetDomainsOutput) —

  Returns a response object which responds to the following methods:

  • #target_domains => Array<Types::TargetDomain>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1441

def batch_get_target_domains(params = {}, options = {})
  req = build_request(:batch_get_target_domains, params)
  req.send_request(options)
end

#batch_get_threat_model_job_tasks(params = {}) ⇒ Types::BatchGetThreatModelJobTasksOutput

Retrieves information about one or more tasks within a threat model job.

Examples:

Request syntax with placeholder values

resp = client.batch_get_threat_model_job_tasks({
  agent_space_id: "String", # required
  threat_model_job_task_ids: ["String"], # required
})

Response structure

resp.threat_model_job_tasks #=> Array
resp.threat_model_job_tasks[0].task_id #=> String
resp.threat_model_job_tasks[0].threat_model_id #=> String
resp.threat_model_job_tasks[0].threat_model_job_id #=> String
resp.threat_model_job_tasks[0].agent_space_id #=> String
resp.threat_model_job_tasks[0].title #=> String
resp.threat_model_job_tasks[0].description #=> String
resp.threat_model_job_tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.threat_model_job_tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
resp.threat_model_job_tasks[0].logs_location.cloud_watch_log.log_group #=> String
resp.threat_model_job_tasks[0].logs_location.cloud_watch_log.log_stream #=> String
resp.threat_model_job_tasks[0].created_at #=> Time
resp.threat_model_job_tasks[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the tasks.

• :threat_model_job_task_ids (required, Array<String>) —

  The list of task identifiers to retrieve.

Returns:

• (Types::BatchGetThreatModelJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #threat_model_job_tasks => Array<Types::ThreatModelJobTask>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1489

def batch_get_threat_model_job_tasks(params = {}, options = {})
  req = build_request(:batch_get_threat_model_job_tasks, params)
  req.send_request(options)
end

#batch_get_threat_model_jobs(params = {}) ⇒ Types::BatchGetThreatModelJobsOutput

Retrieves information about one or more threat model jobs in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_threat_model_jobs({
  threat_model_job_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.threat_model_jobs #=> Array
resp.threat_model_jobs[0].threat_model_job_id #=> String
resp.threat_model_jobs[0].threat_model_id #=> String
resp.threat_model_jobs[0].agent_space_id #=> String
resp.threat_model_jobs[0].title #=> String
resp.threat_model_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.threat_model_jobs[0].created_at #=> Time
resp.threat_model_jobs[0].updated_at #=> Time
resp.threat_model_jobs[0].execution_start_time #=> Time
resp.threat_model_jobs[0].execution_end_time #=> Time
resp.threat_model_jobs[0].source_code #=> Array
resp.threat_model_jobs[0].source_code[0].s3_location #=> String
resp.threat_model_jobs[0].integrated_repositories #=> Array
resp.threat_model_jobs[0].integrated_repositories[0].integration_id #=> String
resp.threat_model_jobs[0].integrated_repositories[0].provider_resource_id #=> String
resp.threat_model_jobs[0].documents #=> Array
resp.threat_model_jobs[0].documents[0].s3_location #=> String
resp.threat_model_jobs[0].documents[0].artifact_id #=> String
resp.threat_model_jobs[0].documents[0].integrated_document.integration_id #=> String
resp.threat_model_jobs[0].documents[0].integrated_document.resource_id #=> String
resp.threat_model_jobs[0].scope_docs #=> Array
resp.threat_model_jobs[0].scope_docs[0].s3_location #=> String
resp.threat_model_jobs[0].scope_docs[0].artifact_id #=> String
resp.threat_model_jobs[0].scope_docs[0].integrated_document.integration_id #=> String
resp.threat_model_jobs[0].scope_docs[0].integrated_document.resource_id #=> String
resp.threat_model_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
resp.threat_model_jobs[0].error_information.message #=> String
resp.threat_model_jobs[0].system_overview #=> String
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :threat_model_job_ids (required, Array<String>) —

  The list of threat model job identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the threat model jobs.

Returns:

• (Types::BatchGetThreatModelJobsOutput) —

  Returns a response object which responds to the following methods:

  • #threat_model_jobs => Array<Types::ThreatModelJob>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1553

def batch_get_threat_model_jobs(params = {}, options = {})
  req = build_request(:batch_get_threat_model_jobs, params)
  req.send_request(options)
end

#batch_get_threat_models(params = {}) ⇒ Types::BatchGetThreatModelsOutput

Retrieves information about one or more threat models in an agent space.

Examples:

Request syntax with placeholder values

resp = client.batch_get_threat_models({
  threat_model_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.threat_models #=> Array
resp.threat_models[0].threat_model_id #=> String
resp.threat_models[0].agent_space_id #=> String
resp.threat_models[0].title #=> String
resp.threat_models[0].description #=> String
resp.threat_models[0].assets.endpoints #=> Array
resp.threat_models[0].assets.endpoints[0].uri #=> String
resp.threat_models[0].assets.actors #=> Array
resp.threat_models[0].assets.actors[0].identifier #=> String
resp.threat_models[0].assets.actors[0].uris #=> Array
resp.threat_models[0].assets.actors[0].uris[0] #=> String
resp.threat_models[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.threat_models[0].assets.actors[0].authentication.value #=> String
resp.threat_models[0].assets.actors[0].description #=> String
resp.threat_models[0].assets.documents #=> Array
resp.threat_models[0].assets.documents[0].s3_location #=> String
resp.threat_models[0].assets.documents[0].artifact_id #=> String
resp.threat_models[0].assets.documents[0].integrated_document.integration_id #=> String
resp.threat_models[0].assets.documents[0].integrated_document.resource_id #=> String
resp.threat_models[0].assets.source_code #=> Array
resp.threat_models[0].assets.source_code[0].s3_location #=> String
resp.threat_models[0].assets.integrated_repositories #=> Array
resp.threat_models[0].assets.integrated_repositories[0].integration_id #=> String
resp.threat_models[0].assets.integrated_repositories[0].provider_resource_id #=> String
resp.threat_models[0].scope_docs #=> Array
resp.threat_models[0].scope_docs[0].s3_location #=> String
resp.threat_models[0].scope_docs[0].artifact_id #=> String
resp.threat_models[0].scope_docs[0].integrated_document.integration_id #=> String
resp.threat_models[0].scope_docs[0].integrated_document.resource_id #=> String
resp.threat_models[0].service_role #=> String
resp.threat_models[0].log_config.log_group #=> String
resp.threat_models[0].log_config.log_stream #=> String
resp.threat_models[0].created_at #=> Time
resp.threat_models[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :threat_model_ids (required, Array<String>) —

  The list of threat model identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the threat models.

Returns:

• (Types::BatchGetThreatModelsOutput) —

  Returns a response object which responds to the following methods:

  • #threat_models => Array<Types::ThreatModel>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1623

def batch_get_threat_models(params = {}, options = {})
  req = build_request(:batch_get_threat_models, params)
  req.send_request(options)
end

#batch_get_threats(params = {}) ⇒ Types::BatchGetThreatsOutput

Retrieves information about one or more threats.

Examples:

Request syntax with placeholder values

resp = client.batch_get_threats({
  threat_ids: ["String"], # required
  agent_space_id: "String", # required
})

Response structure

resp.threats #=> Array
resp.threats[0].threat_id #=> String
resp.threats[0].threat_job_id #=> String
resp.threats[0].title #=> String
resp.threats[0].statement #=> String
resp.threats[0].severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
resp.threats[0].status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
resp.threats[0].comments #=> String
resp.threats[0].threat_source #=> String
resp.threats[0].prerequisites #=> String
resp.threats[0].threat_action #=> String
resp.threats[0].threat_impact #=> String
resp.threats[0].impacted_goal #=> Array
resp.threats[0].impacted_goal[0] #=> String
resp.threats[0].impacted_assets #=> Array
resp.threats[0].impacted_assets[0] #=> String
resp.threats[0].anchor.kind #=> String
resp.threats[0].anchor.id #=> String
resp.threats[0].anchor.package_id #=> String
resp.threats[0].evidence #=> Array
resp.threats[0].evidence[0].package_id #=> String
resp.threats[0].evidence[0].path #=> String
resp.threats[0].stride #=> Array
resp.threats[0].stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
resp.threats[0].recommendation #=> String
resp.threats[0].created_by #=> String, one of "CUSTOMER", "AGENT"
resp.threats[0].updated_by #=> String, one of "CUSTOMER", "AGENT"
resp.threats[0].created_at #=> Time
resp.threats[0].updated_at #=> Time
resp.not_found #=> Array
resp.not_found[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :threat_ids (required, Array<String>) —

  The list of threat identifiers to retrieve.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

Returns:

• (Types::BatchGetThreatsOutput) —

  Returns a response object which responds to the following methods:

  • #threats => Array<Types::Threat>
  • #not_found => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1686

def batch_get_threats(params = {}, options = {})
  req = build_request(:batch_get_threats, params)
  req.send_request(options)
end

#batch_update_security_requirements(params = {}) ⇒ Types::BatchUpdateSecurityRequirementsOutput

Batch updates security requirements within a customer managed pack.

Examples:

Request syntax with placeholder values

resp = client.batch_update_security_requirements({
  pack_id: "SecurityRequirementPackId", # required
  security_requirements: [ # required
    {
      name: "SecurityRequirementName", # required
      description: "String",
      domain: "String",
      evaluation: "String",
      remediation: "String",
    },
  ],
})

Response structure

resp.updated_security_requirement_names #=> Array
resp.updated_security_requirement_names[0] #=> String
resp.errors #=> Array
resp.errors[0].security_requirement_name #=> String
resp.errors[0].code #=> String
resp.errors[0].message #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack containing the requirements to update.

• :security_requirements (required, Array<Types::UpdateSecurityRequirementEntry>) —

  The list of security requirement updates to apply.

Returns:

• (Types::BatchUpdateSecurityRequirementsOutput) —

  Returns a response object which responds to the following methods:

  • #updated_security_requirement_names => Array<String>
  • #errors => Array<Types::BatchSecurityRequirementError>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1733

def batch_update_security_requirements(params = {}, options = {})
  req = build_request(:batch_update_security_requirements, params)
  req.send_request(options)
end

#create_agent_space(params = {}) ⇒ Types::CreateAgentSpaceOutput

Creates a new agent space. An agent space is a dedicated workspace for securing a specific application.

Examples:

Request syntax with placeholder values

resp = client.create_agent_space({
  name: "AgentName", # required
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.kms_key_id #=> String
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the agent space.

• :description (String) —

  A description of the agent space.

• :aws_resources (Types::AWSResources) —

  The AWS resources to associate with the agent space.

• :target_domain_ids (Array<String>) —

  The list of target domain identifiers to associate with the agent space.

• :code_review_settings (Types::CodeReviewSettings) —

  The code review settings for the agent space.

• :kms_key_id (String) —

  The identifier of the AWS KMS key to use for encrypting data in the agent space.

• :tags (Hash<String,String>) —

  The tags to associate with the agent space.

Returns:

• (Types::CreateAgentSpaceOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String
  • #name => String
  • #description => String
  • #aws_resources => Types::AWSResources
  • #target_domain_ids => Array<String>
  • #code_review_settings => Types::CodeReviewSettings
  • #kms_key_id => String
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1839

def create_agent_space(params = {}, options = {})
  req = build_request(:create_agent_space, params)
  req.send_request(options)
end

#create_application(params = {}) ⇒ Types::CreateApplicationResponse

Creates a new application. An application is the top-level organizational unit that supports IAM Identity Center integration.

Examples:

Request syntax with placeholder values

resp = client.create_application({
  idc_instance_arn: "IdCInstanceArn",
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.application_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :idc_instance_arn (String) —

  The Amazon Resource Name (ARN) of the IAM Identity Center instance to associate with the application.

• :role_arn (String) —

  The Amazon Resource Name (ARN) of the IAM role to associate with the application.

• :default_kms_key_id (String) —

  The identifier of the default AWS KMS key to use for encrypting data in the application.

• :tags (Hash<String,String>) —

  The tags to associate with the application.

Returns:

• (Types::CreateApplicationResponse) —

  Returns a response object which responds to the following methods:

  • #application_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 1885

def create_application(params = {}, options = {})
  req = build_request(:create_application, params)
  req.send_request(options)
end

#create_code_review(params = {}) ⇒ Types::CreateCodeReviewOutput

Creates a new code review configuration in an agent space. A code review defines the parameters for automated security-focused code analysis.

Examples:

Request syntax with placeholder values

resp = client.create_code_review({
  title: "String", # required
  agent_space_id: "String", # required
  assets: { # required
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
        integrated_document: {
          integration_id: "String", # required
          resource_id: "String", # required
        },
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
  validation_mode: "DISABLED", # accepts DISABLED, SIMULATED
})

Response structure

resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.documents[0].integrated_document.integration_id #=> String
resp.assets.documents[0].integrated_document.resource_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.validation_mode #=> String, one of "DISABLED", "SIMULATED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :title (required, String) —

  The title of the code review.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to create the code review in.

• :assets (required, Types::Assets) —

  The assets to include in the code review, such as documents and source code.

• :service_role (String) —

  The IAM service role to use for the code review.

• :log_config (Types::CloudWatchLog) —

  The CloudWatch Logs configuration for the code review.

• :code_remediation_strategy (String) —

  The code remediation strategy for the code review. Valid values are AUTOMATIC and DISABLED.

• :validation_mode (String) —

  The validation mode for the code review. Valid values are SIMULATED and DISABLED.

Returns:

• (Types::CreateCodeReviewOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String
  • #code_remediation_strategy => String
  • #validation_mode => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2020

def create_code_review(params = {}, options = {})
  req = build_request(:create_code_review, params)
  req.send_request(options)
end

#create_integration(params = {}) ⇒ Types::CreateIntegrationOutput

Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.

Examples:

Request syntax with placeholder values

resp = client.create_integration({
  provider: "GITHUB", # required, accepts GITHUB, GITLAB, BITBUCKET, CONFLUENCE
  input: { # required
    github: {
      code: "AuthCode", # required
      state: "CsrfState", # required
      organization_name: "String",
      target_url: "TargetUrl",
      installation_id: "String",
    },
    gitlab: {
      access_token: "AccessToken", # required
      target_url: "TargetUrl",
      token_type: "PERSONAL", # required, accepts PERSONAL, GROUP
      group_id: "String",
    },
    bitbucket: {
      installation_id: "BitbucketInstallationId", # required
      workspace: "BitbucketWorkspace", # required
      code: "AuthCode", # required
      state: "CsrfState", # required
    },
    confluence: {
      installation_id: "ConfluenceInstallationId", # required
      code: "AuthCode", # required
      state: "CsrfState", # required
      site_url: "ConfluenceSiteUrl", # required
    },
  },
  integration_display_name: "String", # required
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
  private_connection_name: "PrivateConnectionName",
})

Response structure

resp.integration_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :provider (required, String) —

  The integration provider. Currently, only GITHUB is supported.

• :input (required, Types::ProviderInput) —

  The provider-specific input required to create the integration.

• :integration_display_name (required, String) —

  The display name for the integration.

• :kms_key_id (String) —

  The identifier of the AWS KMS key to use for encrypting data associated with the integration.

• :tags (Hash<String,String>) —

  The tags to associate with the integration.

• :private_connection_name (String) —

  The name of an active private connection used to reach a self-hosted provider instance over private networking. Specify this when the instance is not publicly reachable.

Returns:

• (Types::CreateIntegrationOutput) —

  Returns a response object which responds to the following methods:

  • #integration_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2100

def create_integration(params = {}, options = {})
  req = build_request(:create_integration, params)
  req.send_request(options)
end

#create_membership(params = {}) ⇒ Struct

Creates a new membership, granting a user access to an agent space within an application.

Examples:

Request syntax with placeholder values

resp = client.create_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # required, accepts USER
  config: {
    user: {
      role: "MEMBER", # accepts MEMBER
    },
  },
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application that contains the agent space.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to grant access to.

• :membership_id (required, String) —

  The unique identifier for the membership.

• :member_type (required, String) —

  The type of member. Currently, only USER is supported.

• :config (Types::MembershipConfig) —

  The configuration for the membership, such as the user role.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2144

def create_membership(params = {}, options = {})
  req = build_request(:create_membership, params)
  req.send_request(options)
end

#create_pentest(params = {}) ⇒ Types::CreatePentestOutput

Creates a new pentest configuration in an agent space. A pentest defines the security test parameters, including target assets, risk type exclusions, and logging configuration.

Examples:

Request syntax with placeholder values

resp = client.create_pentest({
  title: "String", # required
  agent_space_id: "String", # required
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
        integrated_document: {
          integration_id: "String", # required
          resource_id: "String", # required
        },
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
  disable_managed_skills: ["FINDING_PERSONALIZATION"], # accepts FINDING_PERSONALIZATION, LOGIN_OPTIMIZATION
})

Response structure

resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.documents[0].integrated_document.integration_id #=> String
resp.assets.documents[0].integrated_document.resource_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :title (required, String) —

  The title of the pentest.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to create the pentest in.

• :assets (Types::Assets) —

  The assets to include in the pentest, such as endpoints, actors, documents, and source code.

• :exclude_risk_types (Array<String>) —

  The list of risk types to exclude from the pentest.

• :service_role (String) —

  The IAM service role to use for the pentest.

• :log_config (Types::CloudWatchLog) —

  The CloudWatch Logs configuration for the pentest.

• :vpc_config (Types::VpcConfig) —

  The VPC configuration for the pentest.

• :network_traffic_config (Types::NetworkTrafficConfig) —

  The network traffic configuration for the pentest, including custom headers and traffic rules.

• :code_remediation_strategy (String) —

  The code remediation strategy for the pentest. Valid values are AUTOMATIC and DISABLED.

• :disable_managed_skills (Array<String>) —

  A list of managed skills to disable for this pentest. Valid values include FINDING_PERSONALIZATION and LOGIN_OPTIMIZATION.

Returns:

• (Types::CreatePentestOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #exclude_risk_types => Array<String>
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2309

def create_pentest(params = {}, options = {})
  req = build_request(:create_pentest, params)
  req.send_request(options)
end

#create_private_connection(params = {}) ⇒ Types::CreatePrivateConnectionOutput

Creates a private connection for reaching a self-hosted provider instance over private networking using Amazon VPC Lattice.

Examples:

Request syntax with placeholder values

resp = client.create_private_connection({
  private_connection_name: "PrivateConnectionName", # required
  mode: { # required
    service_managed: {
      host_address: "HostAddress", # required
      vpc_id: "PrivateConnectionVpcId", # required
      subnet_ids: ["PrivateConnectionSubnetId"], # required
      security_group_ids: ["PrivateConnectionSecurityGroupId"],
      ip_address_type: "IPV4", # accepts IPV4, IPV6, DUAL_STACK
      ipv4_addresses_per_eni: 1,
      port_ranges: ["PortRange"],
      certificate: "CertificateChain",
      dns_resolution: "PUBLIC", # accepts PUBLIC, IN_VPC
    },
    self_managed: {
      resource_configuration_id: "ResourceConfigurationId", # required
      certificate: "CertificateChain",
    },
  },
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.name #=> String
resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
resp.resource_gateway_id #=> String
resp.host_address #=> String
resp.vpc_id #=> String
resp.resource_configuration_id #=> String
resp.certificate_expiry_time #=> Time
resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
resp.failure_message #=> String
resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :private_connection_name (required, String) —

  A unique name for the private connection within your account.

• :mode (required, Types::PrivateConnectionMode) —

  The configuration for the private connection. Specify either a service-managed or a self-managed mode.

• :tags (Hash<String,String>) —

  The tags to attach to the private connection.

Returns:

• (Types::CreatePrivateConnectionOutput) —

  Returns a response object which responds to the following methods:

  • #name => String
  • #type => String
  • #status => String
  • #resource_gateway_id => String
  • #host_address => String
  • #vpc_id => String
  • #resource_configuration_id => String
  • #certificate_expiry_time => Time
  • #dns_resolution => String
  • #failure_message => String
  • #tags => Hash<String,String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2386

def create_private_connection(params = {}, options = {})
  req = build_request(:create_private_connection, params)
  req.send_request(options)
end

#create_security_requirement_pack(params = {}) ⇒ Types::CreateSecurityRequirementPackOutput

Creates a customer managed security requirement pack.

Examples:

Request syntax with placeholder values

resp = client.create_security_requirement_pack({
  name: "SecurityRequirementPackName", # required
  description: "String",
  status: "ENABLED", # accepts ENABLED, DISABLED
  kms_key_id: "KmsKeyId",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.pack_id #=> String
resp.status #=> String, one of "ENABLED", "DISABLED"
resp.kms_key_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the security requirement pack.

• :description (String) —

  A description of the security requirement pack.

• :status (String) —

  The status of the pack. Defaults to ENABLED if not provided.

• :kms_key_id (String) —

  The identifier of the AWS KMS key used to encrypt pack contents.

• :tags (Hash<String,String>) —

  The tags to associate with the security requirement pack.

Returns:

• (Types::CreateSecurityRequirementPackOutput) —

  Returns a response object which responds to the following methods:

  • #pack_id => String
  • #status => String
  • #kms_key_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2436

def create_security_requirement_pack(params = {}, options = {})
  req = build_request(:create_security_requirement_pack, params)
  req.send_request(options)
end

#create_target_domain(params = {}) ⇒ Types::CreateTargetDomainOutput

Creates a new target domain for penetration testing. A target domain is a web domain that must be registered and verified before it can be tested.

Examples:

Request syntax with placeholder values

resp = client.create_target_domain({
  target_domain_name: "String", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_name (required, String) —

  The domain name to register as a target domain.

• :verification_method (required, String) —

  The method to use for verifying domain ownership. Valid values are DNS_TXT, HTTP_ROUTE, and PRIVATE_VPC.

• :tags (Hash<String,String>) —

  The tags to associate with the target domain.

Returns:

• (Types::CreateTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String
  • #domain_name => String
  • #verification_status => String
  • #verification_status_reason => String
  • #verification_details => Types::VerificationDetails
  • #created_at => Time
  • #verified_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2494

def create_target_domain(params = {}, options = {})
  req = build_request(:create_target_domain, params)
  req.send_request(options)
end

#create_threat(params = {}) ⇒ Types::CreateThreatOutput

Creates a new threat under a threat model job.

Examples:

Request syntax with placeholder values

resp = client.create_threat({
  agent_space_id: "String", # required
  threat_job_id: "String", # required
  title: "String",
  statement: "String",
  severity: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFO
  comments: "String",
  stride: ["SPOOFING"], # accepts SPOOFING, TAMPERING, REPUDIATION, INFORMATION_DISCLOSURE, DENIAL_OF_SERVICE, ELEVATION_OF_PRIVILEGE
  threat_source: "String",
  prerequisites: "String",
  threat_action: "String",
  threat_impact: "String",
  impacted_goal: ["String"],
  impacted_assets: ["String"],
  anchor: {
    kind: "String",
    id: "String",
    package_id: "String",
  },
  evidence: [
    {
      package_id: "String",
      path: "String",
    },
  ],
  recommendation: "String",
})

Response structure

resp.threat_id #=> String
resp.threat_job_id #=> String
resp.title #=> String
resp.statement #=> String
resp.severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
resp.status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
resp.comments #=> String
resp.stride #=> Array
resp.stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
resp.threat_source #=> String
resp.prerequisites #=> String
resp.threat_action #=> String
resp.threat_impact #=> String
resp.impacted_goal #=> Array
resp.impacted_goal[0] #=> String
resp.impacted_assets #=> Array
resp.impacted_assets[0] #=> String
resp.anchor.kind #=> String
resp.anchor.id #=> String
resp.anchor.package_id #=> String
resp.evidence #=> Array
resp.evidence[0].package_id #=> String
resp.evidence[0].path #=> String
resp.recommendation #=> String
resp.created_by #=> String, one of "CUSTOMER", "AGENT"
resp.updated_by #=> String, one of "CUSTOMER", "AGENT"
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :threat_job_id (required, String) —

  The unique identifier of the threat model job the threat belongs to.

• :title (String) —

  A short title summarizing the threat.

• :statement (String) —

  The natural-language threat statement.

• :severity (String) —

  The severity level of the threat.

• :comments (String) —

  Optional customer comment on the threat.

• :stride (Array<String>) —

  The STRIDE categories applicable to this threat.

• :threat_source (String) —

  The actor or origin of the threat.

• :prerequisites (String) —

  The conditions required for the threat to be exploitable.

• :threat_action (String) —

  What the threat source can do.

• :threat_impact (String) —

  The direct consequence of the threat action.

• :impacted_goal (Array<String>) —

  The security goals affected by the threat.

• :impacted_assets (Array<String>) —

  The specific assets affected by the threat.

• :anchor (Types::ThreatAnchorShape) —

  The DFD element this threat is anchored to.

• :evidence (Array<Types::ThreatEvidenceShape>) —

  The source code files supporting the threat.

• :recommendation (String) —

  The recommended mitigation guidance for this threat.

Returns:

• (Types::CreateThreatOutput) —

  Returns a response object which responds to the following methods:

  • #threat_id => String
  • #threat_job_id => String
  • #title => String
  • #statement => String
  • #severity => String
  • #status => String
  • #comments => String
  • #stride => Array<String>
  • #threat_source => String
  • #prerequisites => String
  • #threat_action => String
  • #threat_impact => String
  • #impacted_goal => Array<String>
  • #impacted_assets => Array<String>
  • #anchor => Types::ThreatAnchorShape
  • #evidence => Array<Types::ThreatEvidenceShape>
  • #recommendation => String
  • #created_by => String
  • #updated_by => String
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2638

def create_threat(params = {}, options = {})
  req = build_request(:create_threat, params)
  req.send_request(options)
end

#create_threat_model(params = {}) ⇒ Types::CreateThreatModelOutput

Creates a new threat model configuration in an agent space. A threat model defines the parameters for automated threat analysis.

Examples:

Request syntax with placeholder values

resp = client.create_threat_model({
  title: "String", # required
  agent_space_id: "String", # required
  description: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
        integrated_document: {
          integration_id: "String", # required
          resource_id: "String", # required
        },
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  scope_docs: [
    {
      s3_location: "String",
      artifact_id: "String",
      integrated_document: {
        integration_id: "String", # required
        resource_id: "String", # required
      },
    },
  ],
  service_role: "ServiceRole", # required
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  report_destination: {
    integration_id: "String", # required
    container_id: "String", # required
    parent_id: "String",
    document_id: "String",
  },
})

Response structure

resp.threat_model_id #=> String
resp.title #=> String
resp.agent_space_id #=> String
resp.description #=> String
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.documents[0].integrated_document.integration_id #=> String
resp.assets.documents[0].integrated_document.resource_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.scope_docs #=> Array
resp.scope_docs[0].s3_location #=> String
resp.scope_docs[0].artifact_id #=> String
resp.scope_docs[0].integrated_document.integration_id #=> String
resp.scope_docs[0].integrated_document.resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :title (required, String) —

  The title of the threat model.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to create the threat model in.

• :description (String) —

  A description of the application or system being threat modeled.

• :assets (Types::Assets) —

  The assets to include in the threat model.

• :scope_docs (Array<Types::DocumentInfo>) —

  The scoped documents for the agent to focus on during threat modeling.

• :service_role (required, String) —

  The IAM service role to use for the threat model.

• :log_config (Types::CloudWatchLog) —

  The CloudWatch Logs configuration for the threat model.

• :report_destination (Types::ReportDestination) —

  The destination for publishing scan reports to an integrated document provider.

Returns:

• (Types::CreateThreatModelOutput) —

  Returns a response object which responds to the following methods:

  • #threat_model_id => String
  • #title => String
  • #agent_space_id => String
  • #description => String
  • #assets => Types::Assets
  • #scope_docs => Array<Types::DocumentInfo>
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2793

def create_threat_model(params = {}, options = {})
  req = build_request(:create_threat_model, params)
  req.send_request(options)
end

#delete_agent_space(params = {}) ⇒ Types::DeleteAgentSpaceOutput

Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.

Examples:

Request syntax with placeholder values

resp = client.delete_agent_space({
  agent_space_id: "AgentSpaceId", # required
})

Response structure

resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to delete.

Returns:

• (Types::DeleteAgentSpaceOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2822

def delete_agent_space(params = {}, options = {})
  req = build_request(:delete_agent_space, params)
  req.send_request(options)
end

#delete_application(params = {}) ⇒ Struct

Deletes an application and its associated configuration, including IAM Identity Center settings.

Examples:

Request syntax with placeholder values

resp = client.delete_application({
  application_id: "ApplicationId", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2845

def delete_application(params = {}, options = {})
  req = build_request(:delete_application, params)
  req.send_request(options)
end

#delete_artifact(params = {}) ⇒ Struct

Deletes an artifact from an agent space.

Examples:

Request syntax with placeholder values

resp = client.delete_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the artifact.

• :artifact_id (required, String) —

  The unique identifier of the artifact to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2871

def delete_artifact(params = {}, options = {})
  req = build_request(:delete_artifact, params)
  req.send_request(options)
end

#delete_integration(params = {}) ⇒ Struct

Deletes an integration with a third-party provider.

Examples:

Request syntax with placeholder values

resp = client.delete_integration({
  integration_id: "IntegrationId", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :integration_id (required, String) —

  The unique identifier of the integration to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2893

def delete_integration(params = {}, options = {})
  req = build_request(:delete_integration, params)
  req.send_request(options)
end

#delete_membership(params = {}) ⇒ Struct

Deletes a membership, revoking a user's access to an agent space.

Examples:

Request syntax with placeholder values

resp = client.delete_membership({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  membership_id: "MembershipId", # required
  member_type: "USER", # accepts USER
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application that contains the agent space.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to revoke access from.

• :membership_id (required, String) —

  The unique identifier of the membership to delete.

• :member_type (String) —

  The type of member to remove.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2928

def delete_membership(params = {}, options = {})
  req = build_request(:delete_membership, params)
  req.send_request(options)
end

#delete_private_connection(params = {}) ⇒ Types::DeletePrivateConnectionOutput

Deletes a private connection.

Examples:

Request syntax with placeholder values

resp = client.delete_private_connection({
  private_connection_name: "PrivateConnectionName", # required
})

Response structure

resp.name #=> String
resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
resp.resource_gateway_id #=> String
resp.host_address #=> String
resp.vpc_id #=> String
resp.resource_configuration_id #=> String
resp.certificate_expiry_time #=> Time
resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
resp.failure_message #=> String
resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :private_connection_name (required, String) —

  The name of the private connection to delete.

Returns:

• (Types::DeletePrivateConnectionOutput) —

  Returns a response object which responds to the following methods:

  • #name => String
  • #type => String
  • #status => String
  • #resource_gateway_id => String
  • #host_address => String
  • #vpc_id => String
  • #resource_configuration_id => String
  • #certificate_expiry_time => Time
  • #dns_resolution => String
  • #failure_message => String
  • #tags => Hash<String,String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 2977

def delete_private_connection(params = {}, options = {})
  req = build_request(:delete_private_connection, params)
  req.send_request(options)
end

#delete_security_requirement_pack(params = {}) ⇒ Struct

Deletes a customer managed security requirement pack and all its associated security requirements.

Examples:

Request syntax with placeholder values

resp = client.delete_security_requirement_pack({
  pack_id: "SecurityRequirementPackId", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3000

def delete_security_requirement_pack(params = {}, options = {})
  req = build_request(:delete_security_requirement_pack, params)
  req.send_request(options)
end

#delete_target_domain(params = {}) ⇒ Types::DeleteTargetDomainOutput

Deletes a target domain registration. After deletion, the domain can no longer be used for penetration testing.

Examples:

Request syntax with placeholder values

resp = client.delete_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure

resp.target_domain_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_id (required, String) —

  The unique identifier of the target domain to delete.

Returns:

• (Types::DeleteTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3029

def delete_target_domain(params = {}, options = {})
  req = build_request(:delete_target_domain, params)
  req.send_request(options)
end

#describe_private_connection(params = {}) ⇒ Types::DescribePrivateConnectionOutput

Retrieves the details of a private connection.

Examples:

Request syntax with placeholder values

resp = client.describe_private_connection({
  private_connection_name: "PrivateConnectionName", # required
})

Response structure

resp.name #=> String
resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
resp.resource_gateway_id #=> String
resp.host_address #=> String
resp.vpc_id #=> String
resp.resource_configuration_id #=> String
resp.certificate_expiry_time #=> Time
resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
resp.failure_message #=> String
resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :private_connection_name (required, String) —

  The name of the private connection to describe.

Returns:

• (Types::DescribePrivateConnectionOutput) —

  Returns a response object which responds to the following methods:

  • #name => String
  • #type => String
  • #status => String
  • #resource_gateway_id => String
  • #host_address => String
  • #vpc_id => String
  • #resource_configuration_id => String
  • #certificate_expiry_time => Time
  • #dns_resolution => String
  • #failure_message => String
  • #tags => Hash<String,String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3078

def describe_private_connection(params = {}, options = {})
  req = build_request(:describe_private_connection, params)
  req.send_request(options)
end

#get_application(params = {}) ⇒ Types::GetApplicationResponse

Retrieves information about an application.

Examples:

Request syntax with placeholder values

resp = client.get_application({
  application_id: "ApplicationId", # required
})

Response structure

resp.application_id #=> String
resp.domain #=> String
resp.application_name #=> String
resp.idc_configuration.idc_application_arn #=> String
resp.idc_configuration.idc_instance_arn #=> String
resp.role_arn #=> String
resp.default_kms_key_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application to retrieve.

Returns:

• (Types::GetApplicationResponse) —

  Returns a response object which responds to the following methods:

  • #application_id => String
  • #domain => String
  • #application_name => String
  • #idc_configuration => Types::IdCConfiguration
  • #role_arn => String
  • #default_kms_key_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3117

def get_application(params = {}, options = {})
  req = build_request(:get_application, params)
  req.send_request(options)
end

#get_artifact(params = {}) ⇒ Types::GetArtifactOutput

Retrieves an artifact from an agent space.

Examples:

Request syntax with placeholder values

resp = client.get_artifact({
  agent_space_id: "AgentSpaceId", # required
  artifact_id: "ArtifactId", # required
})

Response structure

resp.agent_space_id #=> String
resp.artifact_id #=> String
resp.artifact.contents #=> String
resp.artifact.type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.file_name #=> String
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the artifact.

• :artifact_id (required, String) —

  The unique identifier of the artifact to retrieve.

Returns:

• (Types::GetArtifactOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String
  • #artifact_id => String
  • #artifact => Types::Artifact
  • #file_name => String
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3158

def get_artifact(params = {}, options = {})
  req = build_request(:get_artifact, params)
  req.send_request(options)
end

#get_integration(params = {}) ⇒ Types::GetIntegrationOutput

Retrieves information about an integration.

Examples:

Request syntax with placeholder values

resp = client.get_integration({
  integration_id: "IntegrationId", # required
})

Response structure

resp.integration_id #=> String
resp.installation_id #=> String
resp.provider #=> String, one of "GITHUB", "GITLAB", "BITBUCKET", "CONFLUENCE"
resp.provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.display_name #=> String
resp.kms_key_id #=> String
resp.target_url #=> String
resp.private_connection_name #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :integration_id (required, String) —

  The unique identifier of the integration to retrieve.

Returns:

• (Types::GetIntegrationOutput) —

  Returns a response object which responds to the following methods:

  • #integration_id => String
  • #installation_id => String
  • #provider => String
  • #provider_type => String
  • #display_name => String
  • #kms_key_id => String
  • #target_url => String
  • #private_connection_name => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3200

def get_integration(params = {}, options = {})
  req = build_request(:get_integration, params)
  req.send_request(options)
end

#get_security_requirement_pack(params = {}) ⇒ Types::GetSecurityRequirementPackOutput

Retrieves information about a security requirement pack.

Examples:

Request syntax with placeholder values

resp = client.get_security_requirement_pack({
  pack_id: "SecurityRequirementPackId", # required
})

Response structure

resp.pack_id #=> String
resp.name #=> String
resp.description #=> String
resp.vendor_name #=> String
resp.management_type #=> String, one of "AWS_MANAGED", "CUSTOMER_MANAGED"
resp.status #=> String, one of "ENABLED", "DISABLED"
resp.import_status #=> String, one of "PENDING", "IN_PROGRESS", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.kms_key_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to retrieve.

Returns:

• (Types::GetSecurityRequirementPackOutput) —

  Returns a response object which responds to the following methods:

  • #pack_id => String
  • #name => String
  • #description => String
  • #vendor_name => String
  • #management_type => String
  • #status => String
  • #import_status => String
  • #created_at => Time
  • #updated_at => Time
  • #kms_key_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3246

def get_security_requirement_pack(params = {}, options = {})
  req = build_request(:get_security_requirement_pack, params)
  req.send_request(options)
end

#import_security_requirements(params = {}) ⇒ Types::ImportSecurityRequirementsOutput

Imports security requirements from uploaded documents into a customer managed security requirement pack. The import process asynchronously extracts and generates structured security requirements from the provided source files.

Examples:

Request syntax with placeholder values

resp = client.import_security_requirements({
  pack_id: "SecurityRequirementPackId", # required
  input: { # required
    documents: [
      {
        name: "SecurityRequirementArtifactName", # required
        format: "MD", # required, accepts MD, PDF, TXT, DOCX, DOC
        content: "data", # required
      },
    ],
  },
})

Response structure

resp.pack_id #=> String
resp.import_status #=> String, one of "PENDING", "IN_PROGRESS", "FAILED", "COMPLETED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to import requirements into.

• :input (required, Types::ImportSource) —

  The import source containing the documents to extract security requirements from.

Returns:

• (Types::ImportSecurityRequirementsOutput) —

  Returns a response object which responds to the following methods:

  • #pack_id => String
  • #import_status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3293

def import_security_requirements(params = {}, options = {})
  req = build_request(:import_security_requirements, params)
  req.send_request(options)
end

#initiate_provider_registration(params = {}) ⇒ Types::InitiateProviderRegistrationOutput

Initiates the OAuth registration flow with a third-party provider. Returns a redirect URL and CSRF state token for completing the authorization.

Examples:

Request syntax with placeholder values

resp = client.initiate_provider_registration({
  provider: "GITHUB", # required, accepts GITHUB, GITLAB, BITBUCKET, CONFLUENCE
})

Response structure

resp.redirect_to #=> String
resp.csrf_state #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :provider (required, String) —

  The provider to initiate registration with. Currently, only GITHUB is supported.

Returns:

• (Types::InitiateProviderRegistrationOutput) —

  Returns a response object which responds to the following methods:

  • #redirect_to => String
  • #csrf_state => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3326

def initiate_provider_registration(params = {}, options = {})
  req = build_request(:initiate_provider_registration, params)
  req.send_request(options)
end

#list_agent_spaces(params = {}) ⇒ Types::ListAgentSpacesOutput

Returns a paginated list of agent space summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_agent_spaces({
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.agent_space_summaries #=> Array
resp.agent_space_summaries[0].agent_space_id #=> String
resp.agent_space_summaries[0].name #=> String
resp.agent_space_summaries[0].created_at #=> Time
resp.agent_space_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListAgentSpacesOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_summaries => Array<Types::AgentSpaceSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3369

def list_agent_spaces(params = {}, options = {})
  req = build_request(:list_agent_spaces, params)
  req.send_request(options)
end

#list_applications(params = {}) ⇒ Types::ListApplicationsResponse

Returns a paginated list of application summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_applications({
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.application_summaries #=> Array
resp.application_summaries[0].application_id #=> String
resp.application_summaries[0].application_name #=> String
resp.application_summaries[0].domain #=> String
resp.application_summaries[0].default_kms_key_id #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListApplicationsResponse) —

  Returns a response object which responds to the following methods:

  • #application_summaries => Array<Types::ApplicationSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3412

def list_applications(params = {}, options = {})
  req = build_request(:list_applications, params)
  req.send_request(options)
end

#list_artifacts(params = {}) ⇒ Types::ListArtifactsOutput

Returns a paginated list of artifact summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_artifacts({
  agent_space_id: "AgentSpaceId", # required
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.artifact_summaries #=> Array
resp.artifact_summaries[0].artifact_id #=> String
resp.artifact_summaries[0].file_name #=> String
resp.artifact_summaries[0].artifact_type #=> String, one of "TXT", "PNG", "JPEG", "MD", "PDF", "DOCX", "DOC", "JSON", "YAML"
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list artifacts for.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListArtifactsOutput) —

  Returns a response object which responds to the following methods:

  • #artifact_summaries => Array<Types::ArtifactSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3459

def list_artifacts(params = {}, options = {})
  req = build_request(:list_artifacts, params)
  req.send_request(options)
end

#list_code_review_job_tasks(params = {}) ⇒ Types::ListCodeReviewJobTasksOutput

Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_code_review_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  code_review_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING, VALIDATION
  category_name: "String",
  next_token: "NextToken",
})

Response structure

resp.code_review_job_task_summaries #=> Array
resp.code_review_job_task_summaries[0].task_id #=> String
resp.code_review_job_task_summaries[0].code_review_id #=> String
resp.code_review_job_task_summaries[0].code_review_job_id #=> String
resp.code_review_job_task_summaries[0].agent_space_id #=> String
resp.code_review_job_task_summaries[0].title #=> String
resp.code_review_job_task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.code_review_job_task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.code_review_job_task_summaries[0].created_at #=> Time
resp.code_review_job_task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :code_review_job_id (String) —

  The unique identifier of the code review job to list tasks for.

• :step_name (String) —

  Filter tasks by step name.

• :category_name (String) —

  Filter tasks by category name.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListCodeReviewJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_job_task_summaries => Array<Types::CodeReviewJobTaskSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3524

def list_code_review_job_tasks(params = {}, options = {})
  req = build_request(:list_code_review_job_tasks, params)
  req.send_request(options)
end

#list_code_review_jobs_for_code_review(params = {}) ⇒ Types::ListCodeReviewJobsForCodeReviewOutput

Returns a paginated list of code review job summaries for the specified code review configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_code_review_jobs_for_code_review({
  max_results: 1,
  code_review_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure

resp.code_review_job_summaries #=> Array
resp.code_review_job_summaries[0].code_review_job_id #=> String
resp.code_review_job_summaries[0].code_review_id #=> String
resp.code_review_job_summaries[0].title #=> String
resp.code_review_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.code_review_job_summaries[0].created_at #=> Time
resp.code_review_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :code_review_id (required, String) —

  The unique identifier of the code review to list jobs for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListCodeReviewJobsForCodeReviewOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_job_summaries => Array<Types::CodeReviewJobSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3578

def list_code_review_jobs_for_code_review(params = {}, options = {})
  req = build_request(:list_code_review_jobs_for_code_review, params)
  req.send_request(options)
end

#list_code_reviews(params = {}) ⇒ Types::ListCodeReviewsOutput

Returns a paginated list of code review summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_code_reviews({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure

resp.code_review_summaries #=> Array
resp.code_review_summaries[0].code_review_id #=> String
resp.code_review_summaries[0].agent_space_id #=> String
resp.code_review_summaries[0].title #=> String
resp.code_review_summaries[0].created_at #=> Time
resp.code_review_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list code reviews for.

Returns:

• (Types::ListCodeReviewsOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_summaries => Array<Types::CodeReviewSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3627

def list_code_reviews(params = {}, options = {})
  req = build_request(:list_code_reviews, params)
  req.send_request(options)
end

#list_discovered_endpoints(params = {}) ⇒ Types::ListDiscoveredEndpointsOutput

Returns a paginated list of endpoints discovered during a pentest job execution.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_discovered_endpoints({
  max_results: 1,
  pentest_job_id: "String", # required
  agent_space_id: "String", # required
  prefix: "String",
  next_token: "NextToken",
})

Response structure

resp.discovered_endpoints #=> Array
resp.discovered_endpoints[0].uri #=> String
resp.discovered_endpoints[0].pentest_job_id #=> String
resp.discovered_endpoints[0].task_id #=> String
resp.discovered_endpoints[0].agent_space_id #=> String
resp.discovered_endpoints[0].evidence #=> String
resp.discovered_endpoints[0].operation #=> String
resp.discovered_endpoints[0].description #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_job_id (required, String) —

  The unique identifier of the pentest job to list discovered endpoints for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :prefix (String) —

  A prefix to filter discovered endpoints by URI.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListDiscoveredEndpointsOutput) —

  Returns a response object which responds to the following methods:

  • #discovered_endpoints => Array<Types::DiscoveredEndpoint>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3687

def list_discovered_endpoints(params = {}, options = {})
  req = build_request(:list_discovered_endpoints, params)
  req.send_request(options)
end

#list_findings(params = {}) ⇒ Types::ListFindingsOutput

Lists the security findings for a pentest job.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_findings({
  max_results: 1,
  pentest_job_id: "String",
  code_review_job_id: "String",
  agent_space_id: "String", # required
  next_token: "NextToken",
  risk_type: "String",
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
  confidence: "FALSE_POSITIVE", # accepts FALSE_POSITIVE, UNCONFIRMED, LOW, MEDIUM, HIGH
  name: "String",
})

Response structure

resp.findings_summaries #=> Array
resp.findings_summaries[0].finding_id #=> String
resp.findings_summaries[0].agent_space_id #=> String
resp.findings_summaries[0].pentest_id #=> String
resp.findings_summaries[0].pentest_job_id #=> String
resp.findings_summaries[0].code_review_id #=> String
resp.findings_summaries[0].code_review_job_id #=> String
resp.findings_summaries[0].name #=> String
resp.findings_summaries[0].status #=> String, one of "ACTIVE", "RESOLVED", "ACCEPTED", "FALSE_POSITIVE"
resp.findings_summaries[0].risk_type #=> String
resp.findings_summaries[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
resp.findings_summaries[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
resp.findings_summaries[0].validation_status #=> String, one of "CONFIRMED", "NOT_REPRODUCED", "VALIDATION_FAILED", "VALIDATING", "NOT_VALIDATED"
resp.findings_summaries[0].created_at #=> Time
resp.findings_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_job_id (String) —

  The unique identifier of the pentest job to list findings for.

• :code_review_job_id (String) —

  The unique identifier of the code review job to list findings for. Mutually exclusive with pentestJobId.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :risk_type (String) —

  Filter findings by risk type.

• :risk_level (String) —

  Filter findings by risk level.

• :status (String) —

  Filter findings by status.

• :confidence (String) —

  Filter findings by confidence level.

• :name (String) —

  Filter findings by name.

Returns:

• (Types::ListFindingsOutput) —

  Returns a response object which responds to the following methods:

  • #findings_summaries => Array<Types::FindingSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3773

def list_findings(params = {}, options = {})
  req = build_request(:list_findings, params)
  req.send_request(options)
end

#list_integrated_resources(params = {}) ⇒ Types::ListIntegratedResourcesOutput

Lists the integrated resources for an agent space, optionally filtered by integration or resource type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId",
  resource_type: "CODE_REPOSITORY", # accepts CODE_REPOSITORY, DOCUMENT
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.integrated_resource_summaries #=> Array
resp.integrated_resource_summaries[0].integration_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.name #=> String
resp.integrated_resource_summaries[0].resource.github_repository.provider_resource_id #=> String
resp.integrated_resource_summaries[0].resource.github_repository.owner #=> String
resp.integrated_resource_summaries[0].resource.github_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
resp.integrated_resource_summaries[0].resource.gitlab_repository.name #=> String
resp.integrated_resource_summaries[0].resource.gitlab_repository.provider_resource_id #=> String
resp.integrated_resource_summaries[0].resource.gitlab_repository.namespace #=> String
resp.integrated_resource_summaries[0].resource.gitlab_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
resp.integrated_resource_summaries[0].resource.bitbucket_repository.name #=> String
resp.integrated_resource_summaries[0].resource.bitbucket_repository.provider_resource_id #=> String
resp.integrated_resource_summaries[0].resource.bitbucket_repository.workspace #=> String
resp.integrated_resource_summaries[0].resource.bitbucket_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
resp.integrated_resource_summaries[0].resource.confluence_document.name #=> String
resp.integrated_resource_summaries[0].resource.confluence_document.provider_resource_id #=> String
resp.integrated_resource_summaries[0].resource.confluence_document.space_key #=> String
resp.integrated_resource_summaries[0].resource.confluence_document.page_id #=> String
resp.integrated_resource_summaries[0].resource.confluence_document.title #=> String
resp.integrated_resource_summaries[0].resource.confluence_document.space_title #=> String
resp.integrated_resource_summaries[0].capabilities.github.leave_comments #=> Boolean
resp.integrated_resource_summaries[0].capabilities.github.remediate_code #=> Boolean
resp.integrated_resource_summaries[0].capabilities.gitlab.leave_comments #=> Boolean
resp.integrated_resource_summaries[0].capabilities.gitlab.remediate_code #=> Boolean
resp.integrated_resource_summaries[0].capabilities.bitbucket.leave_comments #=> Boolean
resp.integrated_resource_summaries[0].capabilities.bitbucket.remediate_code #=> Boolean
resp.integrated_resource_summaries[0].capabilities.confluence.fetch_document #=> Boolean
resp.integrated_resource_summaries[0].capabilities.confluence.create_document #=> Boolean
resp.integrated_resource_summaries[0].capabilities.confluence.update_document #=> Boolean
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list integrated resources for.

• :integration_id (String) —

  The unique identifier of the integration to filter by.

• :resource_type (String) —

  The type of resource to filter by.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListIntegratedResourcesOutput) —

  Returns a response object which responds to the following methods:

  • #integrated_resource_summaries => Array<Types::IntegratedResourceSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3854

def list_integrated_resources(params = {}, options = {})
  req = build_request(:list_integrated_resources, params)
  req.send_request(options)
end

#list_integrations(params = {}) ⇒ Types::ListIntegrationsOutput

Lists the integrations in your account, optionally filtered by provider or provider type.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_integrations({
  filter: {
    provider: "GITHUB", # accepts GITHUB, GITLAB, BITBUCKET, CONFLUENCE
    provider_type: "SOURCE_CODE", # accepts SOURCE_CODE, DOCUMENTATION
  },
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.integration_summaries #=> Array
resp.integration_summaries[0].integration_id #=> String
resp.integration_summaries[0].installation_id #=> String
resp.integration_summaries[0].provider #=> String, one of "GITHUB", "GITLAB", "BITBUCKET", "CONFLUENCE"
resp.integration_summaries[0].provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
resp.integration_summaries[0].display_name #=> String
resp.integration_summaries[0].target_url #=> String
resp.integration_summaries[0].private_connection_name #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :filter (Types::IntegrationFilter) —

  A filter to apply to the list of integrations.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListIntegrationsOutput) —

  Returns a response object which responds to the following methods:

  • #integration_summaries => Array<Types::IntegrationSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3908

def list_integrations(params = {}, options = {})
  req = build_request(:list_integrations, params)
  req.send_request(options)
end

#list_memberships(params = {}) ⇒ Types::ListMembershipsResponse

Returns a paginated list of membership summaries for the specified agent space within an application.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_memberships({
  application_id: "ApplicationId", # required
  agent_space_id: "AgentSpaceId", # required
  member_type: "USER", # accepts USER, ALL
  max_results: 1,
  next_token: "NextToken",
})

Response structure

resp.membership_summaries #=> Array
resp.membership_summaries[0].membership_id #=> String
resp.membership_summaries[0].application_id #=> String
resp.membership_summaries[0].agent_space_id #=> String
resp.membership_summaries[0].member_type #=> String, one of "USER"
resp.membership_summaries[0].config.user.role #=> String, one of "MEMBER"
resp.membership_summaries[0].metadata.user.username #=> String
resp.membership_summaries[0].metadata.user.email #=> String
resp.membership_summaries[0].created_at #=> Time
resp.membership_summaries[0].updated_at #=> Time
resp.membership_summaries[0].created_by #=> String
resp.membership_summaries[0].updated_by #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application that contains the agent space.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list memberships for.

• :member_type (String) —

  Filter memberships by member type.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListMembershipsResponse) —

  Returns a response object which responds to the following methods:

  • #membership_summaries => Array<Types::MembershipSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 3972

def list_memberships(params = {}, options = {})
  req = build_request(:list_memberships, params)
  req.send_request(options)
end

#list_pentest_job_tasks(params = {}) ⇒ Types::ListPentestJobTasksOutput

Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_pentest_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  pentest_job_id: "String",
  step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING, VALIDATION
  category_name: "String",
  next_token: "NextToken",
})

Response structure

resp.task_summaries #=> Array
resp.task_summaries[0].task_id #=> String
resp.task_summaries[0].pentest_id #=> String
resp.task_summaries[0].pentest_job_id #=> String
resp.task_summaries[0].agent_space_id #=> String
resp.task_summaries[0].title #=> String
resp.task_summaries[0].risk_type #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.task_summaries[0].created_at #=> Time
resp.task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_job_id (String) —

  The unique identifier of the pentest job to list tasks for.

• :step_name (String) —

  Filter tasks by step name. Valid values include PREFLIGHT, STATIC_ANALYSIS, PENTEST, VALIDATION, and FINALIZING.

• :category_name (String) —

  Filter tasks by category name.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListPentestJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #task_summaries => Array<Types::TaskSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4038

def list_pentest_job_tasks(params = {}, options = {})
  req = build_request(:list_pentest_job_tasks, params)
  req.send_request(options)
end

#list_pentest_jobs_for_pentest(params = {}) ⇒ Types::ListPentestJobsForPentestOutput

Returns a paginated list of pentest job summaries for the specified pentest configuration.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_pentest_jobs_for_pentest({
  max_results: 1,
  pentest_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure

resp.pentest_job_summaries #=> Array
resp.pentest_job_summaries[0].pentest_job_id #=> String
resp.pentest_job_summaries[0].pentest_id #=> String
resp.pentest_job_summaries[0].title #=> String
resp.pentest_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.pentest_job_summaries[0].created_at #=> Time
resp.pentest_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :pentest_id (required, String) —

  The unique identifier of the pentest to list jobs for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

Returns:

• (Types::ListPentestJobsForPentestOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_job_summaries => Array<Types::PentestJobSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4092

def list_pentest_jobs_for_pentest(params = {}, options = {})
  req = build_request(:list_pentest_jobs_for_pentest, params)
  req.send_request(options)
end

#list_pentests(params = {}) ⇒ Types::ListPentestsOutput

Returns a paginated list of pentest summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_pentests({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure

resp.pentest_summaries #=> Array
resp.pentest_summaries[0].pentest_id #=> String
resp.pentest_summaries[0].agent_space_id #=> String
resp.pentest_summaries[0].title #=> String
resp.pentest_summaries[0].created_at #=> Time
resp.pentest_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list pentests for.

Returns:

• (Types::ListPentestsOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_summaries => Array<Types::PentestSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4141

def list_pentests(params = {}, options = {})
  req = build_request(:list_pentests, params)
  req.send_request(options)
end

#list_private_connections(params = {}) ⇒ Types::ListPrivateConnectionsOutput

Lists the private connections in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_private_connections({
  max_results: 1,
  next_token: "NextToken",
})

Response structure

resp.private_connections #=> Array
resp.private_connections[0].name #=> String
resp.private_connections[0].type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
resp.private_connections[0].status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
resp.private_connections[0].resource_gateway_id #=> String
resp.private_connections[0].host_address #=> String
resp.private_connections[0].vpc_id #=> String
resp.private_connections[0].resource_configuration_id #=> String
resp.private_connections[0].certificate_expiry_time #=> Time
resp.private_connections[0].dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
resp.private_connections[0].failure_message #=> String
resp.private_connections[0].tags #=> Hash
resp.private_connections[0].tags["TagKey"] #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of private connections to return in a single response.

• :next_token (String) —

  The token for the next page of results.

Returns:

• (Types::ListPrivateConnectionsOutput) —

  Returns a response object which responds to the following methods:

  • #private_connections => Array<Types::PrivateConnectionSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4190

def list_private_connections(params = {}, options = {})
  req = build_request(:list_private_connections, params)
  req.send_request(options)
end

#list_security_requirement_packs(params = {}) ⇒ Types::ListSecurityRequirementPacksOutput

Lists all security requirement packs in the caller's account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_security_requirement_packs({
  filter: {
    management_type: "AWS_MANAGED", # accepts AWS_MANAGED, CUSTOMER_MANAGED
    status: "ENABLED", # accepts ENABLED, DISABLED
  },
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.security_requirement_pack_summaries #=> Array
resp.security_requirement_pack_summaries[0].pack_id #=> String
resp.security_requirement_pack_summaries[0].name #=> String
resp.security_requirement_pack_summaries[0].description #=> String
resp.security_requirement_pack_summaries[0].vendor_name #=> String
resp.security_requirement_pack_summaries[0].management_type #=> String, one of "AWS_MANAGED", "CUSTOMER_MANAGED"
resp.security_requirement_pack_summaries[0].status #=> String, one of "ENABLED", "DISABLED"
resp.security_requirement_pack_summaries[0].created_at #=> Time
resp.security_requirement_pack_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :filter (Types::ListSecurityRequirementPackFilter) —

  The filter criteria for listing security requirement packs.

• :next_token (String) —

  The pagination token from a previous request to retrieve the next page of results.

• :max_results (Integer) —

  The maximum number of results to return in a single request.

Returns:

• (Types::ListSecurityRequirementPacksOutput) —

  Returns a response object which responds to the following methods:

  • #security_requirement_pack_summaries => Array<Types::SecurityRequirementPackSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4242

def list_security_requirement_packs(params = {}, options = {})
  req = build_request(:list_security_requirement_packs, params)
  req.send_request(options)
end

#list_security_requirements(params = {}) ⇒ Types::ListSecurityRequirementsOutput

Lists security requirements within a pack.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_security_requirements({
  pack_id: "SecurityRequirementPackId", # required
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.security_requirement_summaries #=> Array
resp.security_requirement_summaries[0].pack_id #=> String
resp.security_requirement_summaries[0].name #=> String
resp.security_requirement_summaries[0].description #=> String
resp.security_requirement_summaries[0].created_at #=> Time
resp.security_requirement_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to list requirements for.

• :next_token (String) —

  The pagination token from a previous request to retrieve the next page of results.

• :max_results (Integer) —

  The maximum number of results to return in a single request.

Returns:

• (Types::ListSecurityRequirementsOutput) —

  Returns a response object which responds to the following methods:

  • #security_requirement_summaries => Array<Types::SecurityRequirementSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4289

def list_security_requirements(params = {}, options = {})
  req = build_request(:list_security_requirements, params)
  req.send_request(options)
end

#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceOutput

Returns the tags associated with the specified resource.

Examples:

Request syntax with placeholder values

resp = client.list_tags_for_resource({
  resource_arn: "ResourceArn", # required
})

Response structure

resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource to list tags for.

Returns:

• (Types::ListTagsForResourceOutput) —

  Returns a response object which responds to the following methods:

  • #tags => Hash<String,String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4318

def list_tags_for_resource(params = {}, options = {})
  req = build_request(:list_tags_for_resource, params)
  req.send_request(options)
end

#list_target_domains(params = {}) ⇒ Types::ListTargetDomainsOutput

Returns a paginated list of target domain summaries in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_target_domains({
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.target_domain_summaries #=> Array
resp.target_domain_summaries[0].target_domain_id #=> String
resp.target_domain_summaries[0].domain_name #=> String
resp.target_domain_summaries[0].verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListTargetDomainsOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_summaries => Array<Types::TargetDomainSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4360

def list_target_domains(params = {}, options = {})
  req = build_request(:list_target_domains, params)
  req.send_request(options)
end

#list_threat_model_job_tasks(params = {}) ⇒ Types::ListThreatModelJobTasksOutput

Returns a paginated list of task summaries for the specified threat model job.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_threat_model_job_tasks({
  agent_space_id: "String", # required
  max_results: 1,
  threat_model_job_id: "String", # required
  next_token: "NextToken",
})

Response structure

resp.threat_model_job_task_summaries #=> Array
resp.threat_model_job_task_summaries[0].task_id #=> String
resp.threat_model_job_task_summaries[0].threat_model_id #=> String
resp.threat_model_job_task_summaries[0].threat_model_job_id #=> String
resp.threat_model_job_task_summaries[0].agent_space_id #=> String
resp.threat_model_job_task_summaries[0].title #=> String
resp.threat_model_job_task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
resp.threat_model_job_task_summaries[0].created_at #=> Time
resp.threat_model_job_task_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :threat_model_job_id (required, String) —

  The unique identifier of the threat model job to list tasks for.

• :next_token (String) —

  A token to use for paginating results that are returned in the response.

Returns:

• (Types::ListThreatModelJobTasksOutput) —

  Returns a response object which responds to the following methods:

  • #threat_model_job_task_summaries => Array<Types::ThreatModelJobTaskSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4414

def list_threat_model_job_tasks(params = {}, options = {})
  req = build_request(:list_threat_model_job_tasks, params)
  req.send_request(options)
end

#list_threat_model_jobs(params = {}) ⇒ Types::ListThreatModelJobsOutput

Returns a paginated list of threat model job summaries for the specified threat model.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_threat_model_jobs({
  max_results: 1,
  threat_model_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
})

Response structure

resp.threat_model_job_summaries #=> Array
resp.threat_model_job_summaries[0].threat_model_job_id #=> String
resp.threat_model_job_summaries[0].threat_model_id #=> String
resp.threat_model_job_summaries[0].agent_space_id #=> String
resp.threat_model_job_summaries[0].title #=> String
resp.threat_model_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.threat_model_job_summaries[0].created_at #=> Time
resp.threat_model_job_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :threat_model_id (required, String) —

  The unique identifier of the threat model to list jobs for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response.

Returns:

• (Types::ListThreatModelJobsOutput) —

  Returns a response object which responds to the following methods:

  • #threat_model_job_summaries => Array<Types::ThreatModelJobSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4467

def list_threat_model_jobs(params = {}, options = {})
  req = build_request(:list_threat_model_jobs, params)
  req.send_request(options)
end

#list_threat_models(params = {}) ⇒ Types::ListThreatModelsOutput

Returns a paginated list of threat model summaries for the specified agent space.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_threat_models({
  max_results: 1,
  next_token: "NextToken",
  agent_space_id: "String", # required
})

Response structure

resp.threat_model_summaries #=> Array
resp.threat_model_summaries[0].threat_model_id #=> String
resp.threat_model_summaries[0].agent_space_id #=> String
resp.threat_model_summaries[0].title #=> String
resp.threat_model_summaries[0].created_at #=> Time
resp.threat_model_summaries[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call.

• :next_token (String) —

  A token to use for paginating results that are returned in the response.

• :agent_space_id (required, String) —

  The unique identifier of the agent space to list threat models for.

Returns:

• (Types::ListThreatModelsOutput) —

  Returns a response object which responds to the following methods:

  • #threat_model_summaries => Array<Types::ThreatModelSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4514

def list_threat_models(params = {}, options = {})
  req = build_request(:list_threat_models, params)
  req.send_request(options)
end

#list_threats(params = {}) ⇒ Types::ListThreatsOutput

Returns a paginated list of threats for a threat model job.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_threats({
  threat_job_id: "String", # required
  agent_space_id: "String", # required
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.threats #=> Array
resp.threats[0].threat_id #=> String
resp.threats[0].threat_job_id #=> String
resp.threats[0].title #=> String
resp.threats[0].statement #=> String
resp.threats[0].severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
resp.threats[0].status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
resp.threats[0].stride #=> Array
resp.threats[0].stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
resp.threats[0].created_by #=> String, one of "CUSTOMER", "AGENT"
resp.threats[0].updated_by #=> String, one of "CUSTOMER", "AGENT"
resp.threats[0].created_at #=> Time
resp.threats[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :threat_job_id (required, String) —

  The unique identifier of the threat model job to list threats for.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :next_token (String) —

  A token to use for paginating results that are returned in the response.

• :max_results (Integer) —

  The maximum number of results to return in a single call.

Returns:

• (Types::ListThreatsOutput) —

  Returns a response object which responds to the following methods:

  • #threats => Array<Types::ThreatSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4571

def list_threats(params = {}, options = {})
  req = build_request(:list_threats, params)
  req.send_request(options)
end

#start_code_remediation(params = {}) ⇒ Struct

Initiates code remediation for one or more security findings. This creates pull requests in integrated repositories to fix the identified vulnerabilities.

Examples:

Request syntax with placeholder values

resp = client.start_code_remediation({
  agent_space_id: "String", # required
  pentest_job_id: "String",
  code_review_job_id: "String",
  finding_ids: ["String"], # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :pentest_job_id (String) —

  The unique identifier of the pentest job that produced the findings. Mutually exclusive with codeReviewJobId.

• :code_review_job_id (String) —

  The unique identifier of the code review job that produced the findings. Mutually exclusive with pentestJobId.

• :finding_ids (required, Array<String>) —

  The list of finding identifiers to initiate code remediation for.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4609

def start_code_remediation(params = {}, options = {})
  req = build_request(:start_code_remediation, params)
  req.send_request(options)
end

#start_code_review_job(params = {}) ⇒ Types::StartCodeReviewJobOutput

Starts a new code review job for a code review configuration. The job executes the security-focused code analysis defined in the code review.

Examples:

Request syntax with placeholder values

resp = client.start_code_review_job({
  agent_space_id: "String", # required
  code_review_id: "String", # required
  diff_source: {
    s3_uri: "String",
  },
})

Response structure

resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.code_review_id #=> String
resp.code_review_job_id #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :code_review_id (required, String) —

  The unique identifier of the code review to start a job for.

• :diff_source (Types::DiffSource) —

  Source of the diff for a differential scan. When present, the job analyzes only the changed lines instead of performing a full scan.

Returns:

• (Types::StartCodeReviewJobOutput) —

  Returns a response object which responds to the following methods:

  • #title => String
  • #status => String
  • #created_at => Time
  • #updated_at => Time
  • #code_review_id => String
  • #code_review_job_id => String
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4662

def start_code_review_job(params = {}, options = {})
  req = build_request(:start_code_review_job, params)
  req.send_request(options)
end

#start_pentest_job(params = {}) ⇒ Types::StartPentestJobOutput

Starts a new pentest job for a pentest configuration. The job executes the security tests defined in the pentest.

Examples:

Request syntax with placeholder values

resp = client.start_pentest_job({
  agent_space_id: "String", # required
  pentest_id: "String", # required
})

Response structure

resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.pentest_id #=> String
resp.pentest_job_id #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :pentest_id (required, String) —

  The unique identifier of the pentest to start a job for.

Returns:

• (Types::StartPentestJobOutput) —

  Returns a response object which responds to the following methods:

  • #title => String
  • #status => String
  • #created_at => Time
  • #updated_at => Time
  • #pentest_id => String
  • #pentest_job_id => String
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4707

def start_pentest_job(params = {}, options = {})
  req = build_request(:start_pentest_job, params)
  req.send_request(options)
end

#start_threat_model_job(params = {}) ⇒ Types::StartThreatModelJobOutput

Starts a new threat model job for a threat model configuration.

Examples:

Request syntax with placeholder values

resp = client.start_threat_model_job({
  agent_space_id: "String", # required
  threat_model_id: "String", # required
})

Response structure

resp.title #=> String
resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.threat_model_id #=> String
resp.threat_model_job_id #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :threat_model_id (required, String) —

  The unique identifier of the threat model to start a job for.

Returns:

• (Types::StartThreatModelJobOutput) —

  Returns a response object which responds to the following methods:

  • #title => String
  • #status => String
  • #created_at => Time
  • #updated_at => Time
  • #threat_model_id => String
  • #threat_model_job_id => String
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4751

def start_threat_model_job(params = {}, options = {})
  req = build_request(:start_threat_model_job, params)
  req.send_request(options)
end

#stop_code_review_job(params = {}) ⇒ Struct

Stops a running code review job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values

resp = client.stop_code_review_job({
  agent_space_id: "String", # required
  code_review_job_id: "String", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :code_review_job_id (required, String) —

  The unique identifier of the code review job to stop.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4778

def stop_code_review_job(params = {}, options = {})
  req = build_request(:stop_code_review_job, params)
  req.send_request(options)
end

#stop_pentest_job(params = {}) ⇒ Struct

Stops a running pentest job. The job transitions to a stopping state and then to stopped after cleanup completes.

Examples:

Request syntax with placeholder values

resp = client.stop_pentest_job({
  agent_space_id: "String", # required
  pentest_job_id: "String", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :pentest_job_id (required, String) —

  The unique identifier of the pentest job to stop.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4805

def stop_pentest_job(params = {}, options = {})
  req = build_request(:stop_pentest_job, params)
  req.send_request(options)
end

#stop_threat_model_job(params = {}) ⇒ Struct

Stops a running threat model job.

Examples:

Request syntax with placeholder values

resp = client.stop_threat_model_job({
  agent_space_id: "String", # required
  threat_model_job_id: "String", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :threat_model_job_id (required, String) —

  The unique identifier of the threat model job to stop.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4831

def stop_threat_model_job(params = {}, options = {})
  req = build_request(:stop_threat_model_job, params)
  req.send_request(options)
end

#tag_resource(params = {}) ⇒ Struct

Adds tags to a resource.

Examples:

Request syntax with placeholder values

resp = client.tag_resource({
  resource_arn: "ResourceArn", # required
  tags: { # required
    "TagKey" => "TagValue",
  },
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource to tag.

• :tags (required, Hash<String,String>) —

  The tags to add to the resource.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4859

def tag_resource(params = {}, options = {})
  req = build_request(:tag_resource, params)
  req.send_request(options)
end

#untag_resource(params = {}) ⇒ Struct

Removes tags from a resource.

Examples:

Request syntax with placeholder values

resp = client.untag_resource({
  resource_arn: "ResourceArn", # required
  tag_keys: ["TagKey"], # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource to remove tags from.

• :tag_keys (required, Array<String>) —

  The list of tag keys to remove from the resource.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4885

def untag_resource(params = {}, options = {})
  req = build_request(:untag_resource, params)
  req.send_request(options)
end

#update_agent_space(params = {}) ⇒ Types::UpdateAgentSpaceOutput

Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.

Examples:

Request syntax with placeholder values

resp = client.update_agent_space({
  agent_space_id: "AgentSpaceId", # required
  name: "AgentName",
  description: "String",
  aws_resources: {
    vpcs: [
      {
        vpc_arn: "VpcArn",
        security_group_arns: ["SecurityGroupArn"],
        subnet_arns: ["SubnetArn"],
      },
    ],
    log_groups: ["LogGroupArn"],
    s3_buckets: ["S3BucketArn"],
    secret_arns: ["SecretArn"],
    lambda_function_arns: ["LambdaFunctionArn"],
    iam_roles: ["ServiceRole"],
  },
  target_domain_ids: ["String"],
  code_review_settings: {
    controls_scanning: false, # required
    general_purpose_scanning: false, # required
  },
})

Response structure

resp.agent_space_id #=> String
resp.name #=> String
resp.description #=> String
resp.aws_resources.vpcs #=> Array
resp.aws_resources.vpcs[0].vpc_arn #=> String
resp.aws_resources.vpcs[0].security_group_arns #=> Array
resp.aws_resources.vpcs[0].security_group_arns[0] #=> String
resp.aws_resources.vpcs[0].subnet_arns #=> Array
resp.aws_resources.vpcs[0].subnet_arns[0] #=> String
resp.aws_resources.log_groups #=> Array
resp.aws_resources.log_groups[0] #=> String
resp.aws_resources.s3_buckets #=> Array
resp.aws_resources.s3_buckets[0] #=> String
resp.aws_resources.secret_arns #=> Array
resp.aws_resources.secret_arns[0] #=> String
resp.aws_resources.lambda_function_arns #=> Array
resp.aws_resources.lambda_function_arns[0] #=> String
resp.aws_resources.iam_roles #=> Array
resp.aws_resources.iam_roles[0] #=> String
resp.target_domain_ids #=> Array
resp.target_domain_ids[0] #=> String
resp.code_review_settings.controls_scanning #=> Boolean
resp.code_review_settings.general_purpose_scanning #=> Boolean
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space to update.

• :name (String) —

  The updated name of the agent space.

• :description (String) —

  The updated description of the agent space.

• :aws_resources (Types::AWSResources) —

  The updated AWS resources to associate with the agent space.

• :target_domain_ids (Array<String>) —

  The updated list of target domain identifiers to associate with the agent space.

• :code_review_settings (Types::CodeReviewSettings) —

  The updated code review settings for the agent space.

Returns:

• (Types::UpdateAgentSpaceOutput) —

  Returns a response object which responds to the following methods:

  • #agent_space_id => String
  • #name => String
  • #description => String
  • #aws_resources => Types::AWSResources
  • #target_domain_ids => Array<String>
  • #code_review_settings => Types::CodeReviewSettings
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 4983

def update_agent_space(params = {}, options = {})
  req = build_request(:update_agent_space, params)
  req.send_request(options)
end

#update_application(params = {}) ⇒ Types::UpdateApplicationResponse

Updates the configuration of an existing application, including the IAM role and default KMS key.

Examples:

Request syntax with placeholder values

resp = client.update_application({
  application_id: "ApplicationId", # required
  role_arn: "RoleArn",
  default_kms_key_id: "DefaultKmsKeyId",
})

Response structure

resp.application_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :application_id (required, String) —

  The unique identifier of the application to update.

• :role_arn (String) —

  The updated Amazon Resource Name (ARN) of the IAM role for the application.

• :default_kms_key_id (String) —

  The updated identifier of the default AWS KMS key for the application.

Returns:

• (Types::UpdateApplicationResponse) —

  Returns a response object which responds to the following methods:

  • #application_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5021

def update_application(params = {}, options = {})
  req = build_request(:update_application, params)
  req.send_request(options)
end

#update_code_review(params = {}) ⇒ Types::UpdateCodeReviewOutput

Updates an existing code review configuration.

Examples:

Request syntax with placeholder values

resp = client.update_code_review({
  code_review_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
        integrated_document: {
          integration_id: "String", # required
          resource_id: "String", # required
        },
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
  validation_mode: "DISABLED", # accepts DISABLED, SIMULATED
})

Response structure

resp.code_review_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.documents[0].integrated_document.integration_id #=> String
resp.assets.documents[0].integrated_document.resource_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String
resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
resp.validation_mode #=> String, one of "DISABLED", "SIMULATED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_review_id (required, String) —

  The unique identifier of the code review to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the code review.

• :title (String) —

  The updated title of the code review.

• :assets (Types::Assets) —

  The updated assets for the code review.

• :service_role (String) —

  The updated IAM service role for the code review.

• :log_config (Types::CloudWatchLog) —

  The updated CloudWatch Logs configuration for the code review.

• :code_remediation_strategy (String) —

  The updated code remediation strategy for the code review.

• :validation_mode (String) —

  The updated validation mode for the code review. Valid values are SIMULATED and DISABLED.

Returns:

• (Types::UpdateCodeReviewOutput) —

  Returns a response object which responds to the following methods:

  • #code_review_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String
  • #code_remediation_strategy => String
  • #validation_mode => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5157

def update_code_review(params = {}, options = {})
  req = build_request(:update_code_review, params)
  req.send_request(options)
end

#update_finding(params = {}) ⇒ Struct

Updates the status or risk level of a security finding.

Examples:

Request syntax with placeholder values

resp = client.update_finding({
  finding_id: "String", # required
  agent_space_id: "String", # required
  name: "String",
  description: "String",
  risk_type: "String",
  risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  risk_score: "String",
  attack_script: "String",
  reasoning: "String",
  status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
  customer_note: "String",
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :finding_id (required, String) —

  The unique identifier of the finding to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the finding.

• :name (String) —

  The updated name for the finding.

• :description (String) —

  The updated description for the finding.

• :risk_type (String) —

  The updated risk type for the finding.

• :risk_level (String) —

  The updated risk level for the finding.

• :risk_score (String) —

  The updated numerical risk score for the finding.

• :attack_script (String) —

  The updated attack script for the finding.

• :reasoning (String) —

  The updated reasoning for the finding.

• :status (String) —

  The updated status for the finding.

• :customer_note (String) —

  A customer-provided note on the finding.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5219

def update_finding(params = {}, options = {})
  req = build_request(:update_finding, params)
  req.send_request(options)
end

#update_integrated_resources(params = {}) ⇒ Struct

Updates the integrated resources for an agent space, including their capabilities.

Examples:

Request syntax with placeholder values

resp = client.update_integrated_resources({
  agent_space_id: "AgentSpaceId", # required
  integration_id: "IntegrationId", # required
  items: [ # required
    {
      resource: { # required
        github_repository: {
          name: "ProviderResourceName", # required
          owner: "GitHubOwner", # required
        },
        gitlab_repository: {
          name: "ProviderResourceName", # required
          namespace: "GitLabNamespace", # required
        },
        bitbucket_repository: {
          name: "ProviderResourceName", # required
          workspace: "BitbucketWorkspace", # required
        },
        confluence_document: {
          name: "ProviderResourceName", # required
          space_key: "String", # required
          page_id: "String", # required
          title: "String",
          space_title: "String",
        },
      },
      capabilities: {
        github: {
          leave_comments: false,
          remediate_code: false,
        },
        gitlab: {
          leave_comments: false,
          remediate_code: false,
        },
        bitbucket: {
          leave_comments: false,
          remediate_code: false,
        },
        confluence: {
          fetch_document: false,
          create_document: false,
          update_document: false,
        },
      },
    },
  ],
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :integration_id (required, String) —

  The unique identifier of the integration.

• :items (required, Array<Types::IntegratedResourceInputItem>) —

  The list of integrated resource items to update.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5293

def update_integrated_resources(params = {}, options = {})
  req = build_request(:update_integrated_resources, params)
  req.send_request(options)
end

#update_pentest(params = {}) ⇒ Types::UpdatePentestOutput

Updates an existing pentest configuration.

Examples:

Request syntax with placeholder values

resp = client.update_pentest({
  pentest_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
        integrated_document: {
          integration_id: "String", # required
          resource_id: "String", # required
        },
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  exclude_risk_types: ["CROSS_SITE_SCRIPTING"], # accepts CROSS_SITE_SCRIPTING, DEFAULT_CREDENTIALS, INSECURE_DIRECT_OBJECT_REFERENCE, PRIVILEGE_ESCALATION, SERVER_SIDE_TEMPLATE_INJECTION, COMMAND_INJECTION, CODE_INJECTION, SQL_INJECTION, ARBITRARY_FILE_UPLOAD, INSECURE_DESERIALIZATION, LOCAL_FILE_INCLUSION, INFORMATION_DISCLOSURE, PATH_TRAVERSAL, SERVER_SIDE_REQUEST_FORGERY, JSON_WEB_TOKEN_VULNERABILITIES, XML_EXTERNAL_ENTITY, FILE_DELETION, OTHER, GRAPHQL_VULNERABILITIES, BUSINESS_LOGIC_VULNERABILITIES, CRYPTOGRAPHIC_VULNERABILITIES, DENIAL_OF_SERVICE, FILE_ACCESS, FILE_CREATION, DATABASE_MODIFICATION, DATABASE_ACCESS, OUTBOUND_SERVICE_REQUEST, UNKNOWN
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
  vpc_config: {
    vpc_arn: "VpcArn",
    security_group_arns: ["SecurityGroupArn"],
    subnet_arns: ["SubnetArn"],
  },
  network_traffic_config: {
    rules: [
      {
        effect: "ALLOW", # accepts ALLOW, DENY
        pattern: "String",
        network_traffic_rule_type: "URL", # accepts URL
      },
    ],
    custom_headers: [
      {
        name: "String",
        value: "String",
      },
    ],
  },
  code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
  disable_managed_skills: ["FINDING_PERSONALIZATION"], # accepts FINDING_PERSONALIZATION, LOGIN_OPTIMIZATION
})

Response structure

resp.pentest_id #=> String
resp.title #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.documents[0].integrated_document.integration_id #=> String
resp.assets.documents[0].integrated_document.resource_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.exclude_risk_types #=> Array
resp.exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.agent_space_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pentest_id (required, String) —

  The unique identifier of the pentest to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the pentest.

• :title (String) —

  The updated title of the pentest.

• :assets (Types::Assets) —

  The updated assets for the pentest.

• :exclude_risk_types (Array<String>) —

  The updated list of risk types to exclude from the pentest.

• :service_role (String) —

  The updated IAM service role for the pentest.

• :log_config (Types::CloudWatchLog) —

  The updated CloudWatch Logs configuration for the pentest.

• :vpc_config (Types::VpcConfig) —

  The updated VPC configuration for the pentest.

• :network_traffic_config (Types::NetworkTrafficConfig) —

  The updated network traffic configuration for the pentest.

• :code_remediation_strategy (String) —

  The updated code remediation strategy for the pentest.

• :disable_managed_skills (Array<String>) —

  The updated list of managed skills to disable for this pentest. Valid values include FINDING_PERSONALIZATION and LOGIN_OPTIMIZATION.

Returns:

• (Types::UpdatePentestOutput) —

  Returns a response object which responds to the following methods:

  • #pentest_id => String
  • #title => String
  • #created_at => Time
  • #updated_at => Time
  • #assets => Types::Assets
  • #exclude_risk_types => Array<String>
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #agent_space_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5457

def update_pentest(params = {}, options = {})
  req = build_request(:update_pentest, params)
  req.send_request(options)
end

#update_private_connection_certificate(params = {}) ⇒ Types::UpdatePrivateConnectionCertificateOutput

Updates the certificate associated with a private connection. Certificates can be added or replaced but not removed.

Examples:

Request syntax with placeholder values

resp = client.update_private_connection_certificate({
  private_connection_name: "PrivateConnectionName", # required
  certificate: "CertificateChain", # required
})

Response structure

resp.name #=> String
resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
resp.resource_gateway_id #=> String
resp.host_address #=> String
resp.vpc_id #=> String
resp.resource_configuration_id #=> String
resp.certificate_expiry_time #=> Time
resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
resp.failure_message #=> String
resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :private_connection_name (required, String) —

  The name of the private connection to update.

• :certificate (required, String) —

  The PEM-encoded certificate chain for the private connection.

Returns:

• (Types::UpdatePrivateConnectionCertificateOutput) —

  Returns a response object which responds to the following methods:

  • #name => String
  • #type => String
  • #status => String
  • #resource_gateway_id => String
  • #host_address => String
  • #vpc_id => String
  • #resource_configuration_id => String
  • #certificate_expiry_time => Time
  • #dns_resolution => String
  • #failure_message => String
  • #tags => Hash<String,String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5511

def update_private_connection_certificate(params = {}, options = {})
  req = build_request(:update_private_connection_certificate, params)
  req.send_request(options)
end

#update_security_requirement_pack(params = {}) ⇒ Types::UpdateSecurityRequirementPackOutput

Updates a security requirement pack. For customer managed packs, both metadata and status can be updated. For AWS managed packs, only status can be updated.

Examples:

Request syntax with placeholder values

resp = client.update_security_requirement_pack({
  pack_id: "SecurityRequirementPackId", # required
  name: "SecurityRequirementPackName",
  description: "String",
  status: "ENABLED", # accepts ENABLED, DISABLED
})

Response structure

resp.pack_id #=> String
resp.name #=> String
resp.description #=> String
resp.status #=> String, one of "ENABLED", "DISABLED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :pack_id (required, String) —

  The unique identifier of the security requirement pack to update.

• :name (String) —

  The updated name of the security requirement pack.

• :description (String) —

  The updated description of the security requirement pack.

• :status (String) —

  The updated status of the security requirement pack.

Returns:

• (Types::UpdateSecurityRequirementPackOutput) —

  Returns a response object which responds to the following methods:

  • #pack_id => String
  • #name => String
  • #description => String
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5559

def update_security_requirement_pack(params = {}, options = {})
  req = build_request(:update_security_requirement_pack, params)
  req.send_request(options)
end

#update_target_domain(params = {}) ⇒ Types::UpdateTargetDomainOutput

Updates the verification method for a target domain.

Examples:

Request syntax with placeholder values

resp = client.update_target_domain({
  target_domain_id: "TargetDomainId", # required
  verification_method: "DNS_TXT", # required, accepts DNS_TXT, HTTP_ROUTE, PRIVATE_VPC
})

Response structure

resp.target_domain_id #=> String
resp.domain_name #=> String
resp.verification_status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String
resp.verification_details.method #=> String, one of "DNS_TXT", "HTTP_ROUTE", "PRIVATE_VPC"
resp.verification_details.dns_txt.token #=> String
resp.verification_details.dns_txt.dns_record_name #=> String
resp.verification_details.dns_txt.dns_record_type #=> String, one of "TXT"
resp.verification_details.http_route.token #=> String
resp.verification_details.http_route.route_path #=> String
resp.created_at #=> Time
resp.verified_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_id (required, String) —

  The unique identifier of the target domain to update.

• :verification_method (required, String) —

  The updated verification method for the target domain.

Returns:

• (Types::UpdateTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String
  • #domain_name => String
  • #verification_status => String
  • #verification_status_reason => String
  • #verification_details => Types::VerificationDetails
  • #created_at => Time
  • #verified_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5608

def update_target_domain(params = {}, options = {})
  req = build_request(:update_target_domain, params)
  req.send_request(options)
end

#update_threat(params = {}) ⇒ Types::UpdateThreatOutput

Updates a threat.

Examples:

Request syntax with placeholder values

resp = client.update_threat({
  threat_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  status: "OPEN", # accepts OPEN, RESOLVED, DISMISSED
  comments: "String",
  statement: "String",
  severity: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFO
  threat_source: "String",
  prerequisites: "String",
  threat_action: "String",
  threat_impact: "String",
  impacted_goal: ["String"],
  impacted_assets: ["String"],
  anchor: {
    kind: "String",
    id: "String",
    package_id: "String",
  },
  evidence: [
    {
      package_id: "String",
      path: "String",
    },
  ],
  recommendation: "String",
})

Response structure

resp.threat_id #=> String
resp.threat_job_id #=> String
resp.title #=> String
resp.statement #=> String
resp.severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
resp.status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
resp.comments #=> String
resp.stride #=> Array
resp.stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
resp.threat_source #=> String
resp.prerequisites #=> String
resp.threat_action #=> String
resp.threat_impact #=> String
resp.impacted_goal #=> Array
resp.impacted_goal[0] #=> String
resp.impacted_assets #=> Array
resp.impacted_assets[0] #=> String
resp.anchor.kind #=> String
resp.anchor.id #=> String
resp.anchor.package_id #=> String
resp.evidence #=> Array
resp.evidence[0].package_id #=> String
resp.evidence[0].path #=> String
resp.recommendation #=> String
resp.created_by #=> String, one of "CUSTOMER", "AGENT"
resp.updated_by #=> String, one of "CUSTOMER", "AGENT"
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :threat_id (required, String) —

  The unique identifier of the threat to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space.

• :title (String) —

  A short title summarizing the threat.

• :status (String) —

  The updated status of the threat.

• :comments (String) —

  Optional customer comment.

• :statement (String) —

  The updated natural-language threat statement.

• :severity (String) —

  The updated severity level of the threat.

• :threat_source (String) —

  The updated actor or origin of the threat.

• :prerequisites (String) —

  The updated conditions required for the threat to be exploitable.

• :threat_action (String) —

  The updated description of what the threat source can do.

• :threat_impact (String) —

  The updated direct consequence of the threat action.

• :impacted_goal (Array<String>) —

  The updated security goals affected by the threat.

• :impacted_assets (Array<String>) —

  The updated list of specific assets affected by the threat.

• :anchor (Types::ThreatAnchorShape) —

  The updated DFD element this threat is anchored to.

• :evidence (Array<Types::ThreatEvidenceShape>) —

  The updated source code files supporting the threat.

• :recommendation (String) —

  The updated recommended mitigation guidance for this threat.

Returns:

• (Types::UpdateThreatOutput) —

  Returns a response object which responds to the following methods:

  • #threat_id => String
  • #threat_job_id => String
  • #title => String
  • #statement => String
  • #severity => String
  • #status => String
  • #comments => String
  • #stride => Array<String>
  • #threat_source => String
  • #prerequisites => String
  • #threat_action => String
  • #threat_impact => String
  • #impacted_goal => Array<String>
  • #impacted_assets => Array<String>
  • #anchor => Types::ThreatAnchorShape
  • #evidence => Array<Types::ThreatEvidenceShape>
  • #recommendation => String
  • #created_by => String
  • #updated_by => String
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5752

def update_threat(params = {}, options = {})
  req = build_request(:update_threat, params)
  req.send_request(options)
end

#update_threat_model(params = {}) ⇒ Types::UpdateThreatModelOutput

Updates an existing threat model configuration.

Examples:

Request syntax with placeholder values

resp = client.update_threat_model({
  threat_model_id: "String", # required
  agent_space_id: "String", # required
  title: "String",
  description: "String",
  assets: {
    endpoints: [
      {
        uri: "String",
      },
    ],
    actors: [
      {
        identifier: "String",
        uris: ["String"],
        authentication: {
          provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
          value: "String",
        },
        description: "String",
      },
    ],
    documents: [
      {
        s3_location: "String",
        artifact_id: "String",
        integrated_document: {
          integration_id: "String", # required
          resource_id: "String", # required
        },
      },
    ],
    source_code: [
      {
        s3_location: "String",
      },
    ],
    integrated_repositories: [
      {
        integration_id: "String", # required
        provider_resource_id: "String", # required
      },
    ],
  },
  scope_docs: [
    {
      s3_location: "String",
      artifact_id: "String",
      integrated_document: {
        integration_id: "String", # required
        resource_id: "String", # required
      },
    },
  ],
  service_role: "ServiceRole",
  log_config: {
    log_group: "String",
    log_stream: "String",
  },
})

Response structure

resp.threat_model_id #=> String
resp.title #=> String
resp.agent_space_id #=> String
resp.description #=> String
resp.assets.endpoints #=> Array
resp.assets.endpoints[0].uri #=> String
resp.assets.actors #=> Array
resp.assets.actors[0].identifier #=> String
resp.assets.actors[0].uris #=> Array
resp.assets.actors[0].uris[0] #=> String
resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
resp.assets.actors[0].authentication.value #=> String
resp.assets.actors[0].description #=> String
resp.assets.documents #=> Array
resp.assets.documents[0].s3_location #=> String
resp.assets.documents[0].artifact_id #=> String
resp.assets.documents[0].integrated_document.integration_id #=> String
resp.assets.documents[0].integrated_document.resource_id #=> String
resp.assets.source_code #=> Array
resp.assets.source_code[0].s3_location #=> String
resp.assets.integrated_repositories #=> Array
resp.assets.integrated_repositories[0].integration_id #=> String
resp.assets.integrated_repositories[0].provider_resource_id #=> String
resp.scope_docs #=> Array
resp.scope_docs[0].s3_location #=> String
resp.scope_docs[0].artifact_id #=> String
resp.scope_docs[0].integrated_document.integration_id #=> String
resp.scope_docs[0].integrated_document.resource_id #=> String
resp.service_role #=> String
resp.log_config.log_group #=> String
resp.log_config.log_stream #=> String
resp.created_at #=> Time
resp.updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :threat_model_id (required, String) —

  The unique identifier of the threat model to update.

• :agent_space_id (required, String) —

  The unique identifier of the agent space that contains the threat model.

• :title (String) —

  The updated title of the threat model.

• :description (String) —

  The updated description of the application or system being threat modeled.

• :assets (Types::Assets) —

  The updated assets for the threat model.

• :scope_docs (Array<Types::DocumentInfo>) —

  The updated scoped documents for the agent to focus on during threat modeling.

• :service_role (String) —

  The updated IAM service role for the threat model.

• :log_config (Types::CloudWatchLog) —

  The updated CloudWatch Logs configuration for the threat model.

Returns:

• (Types::UpdateThreatModelOutput) —

  Returns a response object which responds to the following methods:

  • #threat_model_id => String
  • #title => String
  • #agent_space_id => String
  • #description => String
  • #assets => Types::Assets
  • #scope_docs => Array<Types::DocumentInfo>
  • #service_role => String
  • #log_config => Types::CloudWatchLog
  • #created_at => Time
  • #updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5902

def update_threat_model(params = {}, options = {})
  req = build_request(:update_threat_model, params)
  req.send_request(options)
end

#verify_target_domain(params = {}) ⇒ Types::VerifyTargetDomainOutput

Initiates verification of a target domain. This checks whether the domain ownership verification token has been properly configured.

Examples:

Request syntax with placeholder values

resp = client.verify_target_domain({
  target_domain_id: "TargetDomainId", # required
})

Response structure

resp.target_domain_id #=> String
resp.domain_name #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.verified_at #=> Time
resp.status #=> String, one of "PENDING", "VERIFIED", "FAILED", "UNREACHABLE"
resp.verification_status_reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :target_domain_id (required, String) —

  The unique identifier of the target domain to verify.

Returns:

• (Types::VerifyTargetDomainOutput) —

  Returns a response object which responds to the following methods:

  • #target_domain_id => String
  • #domain_name => String
  • #created_at => Time
  • #updated_at => Time
  • #verified_at => Time
  • #status => String
  • #verification_status_reason => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-securityagent/lib/aws-sdk-securityagent/client.rb', line 5943

def verify_target_domain(params = {}, options = {})
  req = build_request(:verify_target_domain, params)
  req.send_request(options)
end