create_threat_model

SecurityAgent.Client.create_threat_model(**kwargs)

Creates a new threat model configuration in an agent space. A threat model defines the parameters for automated threat analysis.

See also: AWS API Documentation

Request Syntax

response = client.create_threat_model(
    title='string',
    agentSpaceId='string',
    description='string',
    assets={
        'endpoints': [
            {
                'uri': 'string'
            },
        ],
        'actors': [
            {
                'identifier': 'string',
                'uris': [
                    'string',
                ],
                'authentication': {
                    'providerType': 'SECRETS_MANAGER'|'AWS_LAMBDA'|'AWS_IAM_ROLE'|'AWS_INTERNAL',
                    'value': 'string'
                },
                'description': 'string'
            },
        ],
        'documents': [
            {
                's3Location': 'string',
                'artifactId': 'string',
                'integratedDocument': {
                    'integrationId': 'string',
                    'resourceId': 'string'
                }
            },
        ],
        'sourceCode': [
            {
                's3Location': 'string'
            },
        ],
        'integratedRepositories': [
            {
                'integrationId': 'string',
                'providerResourceId': 'string'
            },
        ]
    },
    scopeDocs=[
        {
            's3Location': 'string',
            'artifactId': 'string',
            'integratedDocument': {
                'integrationId': 'string',
                'resourceId': 'string'
            }
        },
    ],
    serviceRole='string',
    logConfig={
        'logGroup': 'string',
        'logStream': 'string'
    },
    reportDestination={
        'integrationId': 'string',
        'containerId': 'string',
        'parentId': 'string',
        'documentId': 'string'
    }
)

Parameters:
  • title (string) –

    [REQUIRED]

    The title of the threat model.

  • agentSpaceId (string) –

    [REQUIRED]

    The unique identifier of the agent space to create the threat model in.

  • description (string) – A description of the application or system being threat modeled.

  • assets (dict) –

    The assets to include in the threat model.

    • endpoints (list) –

      The list of endpoints to test during the pentest.

      • (dict) –

        Represents a target endpoint for penetration testing.

        • uri (string) –

          The URI of the endpoint.

    • actors (list) –

      The list of actors used during penetration testing.

      • (dict) –

        Represents an actor used during penetration testing. An actor defines a user or entity that interacts with the target application, including authentication credentials and target URIs.

        • identifier (string) –

          The unique identifier for the actor.

        • uris (list) –

          The list of URIs that the actor targets during testing.

          • (string) –

        • authentication (dict) –

          The authentication configuration for the actor.

          • providerType (string) –

            The type of authentication provider. Valid values include SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, and AWS_INTERNAL.

          • value (string) –

            The authentication value, such as a secret ARN, Lambda function ARN, or IAM role ARN, depending on the provider type.

        • description (string) –

          A description of the actor.

    • documents (list) –

      The list of documents that provide context for the pentest.

      • (dict) –

        Represents a document that provides context for security testing.

        • s3Location (string) –

          The Amazon S3 location of the document.

        • artifactId (string) –

          The unique identifier of the artifact associated with the document.

        • integratedDocument (dict) –

          A reference to a document in an integrated third-party provider.

          • integrationId (string) – [REQUIRED]

            The identifier of the integration that provides access to the document.

          • resourceId (string) – [REQUIRED]

            The provider-specific resource identifier for the document.

    • sourceCode (list) –

      The list of source code repositories to analyze during the pentest.

      • (dict) –

        Represents a source code repository used for security analysis during a pentest.

        • s3Location (string) –

          The Amazon S3 location of the source code repository archive.

    • integratedRepositories (list) –

      The list of integrated repositories associated with the pentest.

      • (dict) –

        Represents a code repository that is integrated with the service through a third-party provider.

        • integrationId (string) – [REQUIRED]

          The unique identifier of the integration that provides access to the repository.

        • providerResourceId (string) – [REQUIRED]

          The provider-specific resource identifier for the repository.

  • scopeDocs (list) –

    The scoped documents for the agent to focus on during threat modeling.

    • (dict) –

      Represents a document that provides context for security testing.

      • s3Location (string) –

        The Amazon S3 location of the document.

      • artifactId (string) –

        The unique identifier of the artifact associated with the document.

      • integratedDocument (dict) –

        A reference to a document in an integrated third-party provider.

        • integrationId (string) – [REQUIRED]

          The identifier of the integration that provides access to the document.

        • resourceId (string) – [REQUIRED]

          The provider-specific resource identifier for the document.

  • serviceRole (string) –

    [REQUIRED]

    The IAM service role to use for the threat model.

  • logConfig (dict) –

    The CloudWatch Logs configuration for the threat model.

    • logGroup (string) –

      The name of the CloudWatch log group.

    • logStream (string) –

      The name of the CloudWatch log stream.

  • reportDestination (dict) –

    The destination for publishing scan reports to an integrated document provider.

    • integrationId (string) – [REQUIRED]

      The integration identifier for the document provider.

    • containerId (string) – [REQUIRED]

      The container identifier where the report will be published.

    • parentId (string) –

      The parent document identifier under which the report will be created.

    • documentId (string) –

      The existing document identifier to update instead of creating a new document.
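
An added example, not taken from the boto3 documentation or from the SecurityAgent service, showing a caller-side pre-flight check on a request built in the shape documented above before it is sent: the [REQUIRED] fields, the ARN form of serviceRole and of each actor's authentication value according to its providerType (so a literal password never ends up persisted in the threat model and echoed back in the response), and that each document carries either an s3Location or a complete integratedDocument. The boto3 service name used in the `__main__` block is an assumption, and every identifier, bucket and ARN is a constructed placeholder.

```python
# Added example (not from the boto3 docs): pre-flight validation of a
# create_threat_model request. The boto3 service name in __main__ is an
# ASSUMED placeholder; check your boto3 version for the real one.
import re

PROVIDER_TYPES = ("SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL")
# Documented meaning of `value` per providerType: a secret ARN, a Lambda
# function ARN or an IAM role ARN. AWS_INTERNAL has no documented value format.
ARN_BY_PROVIDER = {
    "SECRETS_MANAGER": re.compile(r"^arn:aws[a-z-]*:secretsmanager:[a-z0-9-]+:\d{12}:secret:"),
    "AWS_LAMBDA": re.compile(r"^arn:aws[a-z-]*:lambda:[a-z0-9-]+:\d{12}:function:"),
    "AWS_IAM_ROLE": re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:role/"),
}
S3_URI = re.compile(r"^s3://[a-z0-9.-]{3,63}/.+")


def _check_document(doc, where, problems):
    """A document needs an s3Location or an integratedDocument with both ids."""
    integrated = doc.get("integratedDocument")
    if not doc.get("s3Location") and not integrated:
        problems.append(f"{where}: neither s3Location nor integratedDocument given")
    if doc.get("s3Location") and not S3_URI.match(doc["s3Location"]):
        problems.append(f"{where}: s3Location is not an s3://bucket/key URI")
    for key in ("integrationId", "resourceId"):
        if integrated is not None and not integrated.get(key):
            problems.append(f"{where}: integratedDocument.{key} is required")


def validate_threat_model_request(request):
    """Return a list of problems; an empty list means the request passes pre-flight."""
    problems = []
    for key in ("title", "agentSpaceId", "serviceRole"):
        if not request.get(key):
            problems.append(f"{key} is required")
    if request.get("serviceRole") and not ARN_BY_PROVIDER["AWS_IAM_ROLE"].match(request["serviceRole"]):
        problems.append("serviceRole must be an IAM role ARN")
    assets = request.get("assets", {})
    for i, ep in enumerate(assets.get("endpoints", [])):
        if not re.match(r"^https?://", ep.get("uri", "")):
            problems.append(f"assets.endpoints[{i}].uri is not an http(s) URI")
    for i, actor in enumerate(assets.get("actors", [])):
        auth = actor.get("authentication") or {}
        ptype, value = auth.get("providerType"), auth.get("value", "")
        if ptype not in PROVIDER_TYPES:
            problems.append(f"assets.actors[{i}]: unknown providerType {ptype!r}")
        elif ptype in ARN_BY_PROVIDER and not ARN_BY_PROVIDER[ptype].match(value):
            # A literal password or token here would be persisted in the threat
            # model and echoed back in the response; the contract is an ARN reference.
            problems.append(f"assets.actors[{i}]: value is not a {ptype} ARN (inline secret?)")
    for i, doc in enumerate(assets.get("documents", [])):
        _check_document(doc, f"assets.documents[{i}]", problems)
    for i, doc in enumerate(request.get("scopeDocs", [])):
        _check_document(doc, f"scopeDocs[{i}]", problems)
    for i, repo in enumerate(assets.get("integratedRepositories", [])):
        for key in ("integrationId", "providerResourceId"):
            if not repo.get(key):
                problems.append(f"assets.integratedRepositories[{i}].{key} is required")
    dest = request.get("reportDestination")
    for key in ("integrationId", "containerId"):
        if dest is not None and not dest.get(key):
            problems.append(f"reportDestination.{key} is required")
    return problems


def create_threat_model(client, request):
    """Validate, call the API, and return the new threatModelId."""
    problems = validate_threat_model_request(request)
    if problems:
        raise ValueError("invalid create_threat_model request: " + "; ".join(problems))
    return client.create_threat_model(**request)["threatModelId"]


# Constructed sample request; every identifier below is a placeholder.
SAMPLE_REQUEST = {
    "title": "Orders API threat model",
    "agentSpaceId": "agentspace-EXAMPLE",
    "serviceRole": "arn:aws:iam::123456789012:role/SecurityAgentServiceRole",
    "assets": {
        "endpoints": [{"uri": "https://orders.example.com/api"}],
        "actors": [{
            "identifier": "customer",
            "uris": ["https://orders.example.com/api"],
            "authentication": {
                "providerType": "SECRETS_MANAGER",
                "value": "arn:aws:secretsmanager:us-east-1:123456789012:secret:orders/customer-EXAMPLE",
            },
            "description": "Authenticated end customer",
        }],
        "documents": [{"s3Location": "s3://example-bucket/docs/orders-architecture.pdf"}],
        "sourceCode": [{"s3Location": "s3://example-bucket/src/orders.zip"}],
    },
    "logConfig": {"logGroup": "/securityagent/threat-models", "logStream": "orders"},
}

if __name__ == "__main__":
    import boto3
    client = boto3.client("security-agent")  # ASSUMED service name; verify for your boto3 version
    print(create_threat_model(client, SAMPLE_REQUEST))
```

The check is deliberately stricter than what boto3's own parameter validation gives you: boto3 verifies types and [REQUIRED] keys, but it will happily send a raw password in an actor's authentication value, and the value would then be stored with the threat model and returned in every read of it. Pinning the value to the ARN form the providerType implies keeps credentials in Secrets Manager, Lambda or IAM where they belong.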

Return type:

dict

Returns:

Response Syntax

{
    'threatModelId': 'string',
    'title': 'string',
    'agentSpaceId': 'string',
    'description': 'string',
    'assets': {
        'endpoints': [
            {
                'uri': 'string'
            },
        ],
        'actors': [
            {
                'identifier': 'string',
                'uris': [
                    'string',
                ],
                'authentication': {
                    'providerType': 'SECRETS_MANAGER'|'AWS_LAMBDA'|'AWS_IAM_ROLE'|'AWS_INTERNAL',
                    'value': 'string'
                },
                'description': 'string'
            },
        ],
        'documents': [
            {
                's3Location': 'string',
                'artifactId': 'string',
                'integratedDocument': {
                    'integrationId': 'string',
                    'resourceId': 'string'
                }
            },
        ],
        'sourceCode': [
            {
                's3Location': 'string'
            },
        ],
        'integratedRepositories': [
            {
                'integrationId': 'string',
                'providerResourceId': 'string'
            },
        ]
    },
    'scopeDocs': [
        {
            's3Location': 'string',
            'artifactId': 'string',
            'integratedDocument': {
                'integrationId': 'string',
                'resourceId': 'string'
            }
        },
    ],
    'serviceRole': 'string',
    'logConfig': {
        'logGroup': 'string',
        'logStream': 'string'
    },
    'createdAt': datetime(2015, 1, 1),
    'updatedAt': datetime(2015, 1, 1)
}

Response Structure

  • (dict) –

    Output for the CreateThreatModel operation.

    • threatModelId (string) –

      The unique identifier of the created threat model.

    • title (string) –

      The title of the threat model.

    • agentSpaceId (string) –

      The unique identifier of the agent space that contains the threat model.

    • description (string) –

      A description of the application or system being threat modeled.

    • assets (dict) –

      The assets included in the threat model.

      • endpoints (list) –

        The list of endpoints to test during the pentest.

        • (dict) –

          Represents a target endpoint for penetration testing.

          • uri (string) –

            The URI of the endpoint.

      • actors (list) –

        The list of actors used during penetration testing.

        • (dict) –

          Represents an actor used during penetration testing. An actor defines a user or entity that interacts with the target application, including authentication credentials and target URIs.

          • identifier (string) –

            The unique identifier for the actor.

          • uris (list) –

            The list of URIs that the actor targets during testing.

            • (string) –

          • authentication (dict) –

            The authentication configuration for the actor.

            • providerType (string) –

              The type of authentication provider. Valid values include SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, and AWS_INTERNAL.

            • value (string) –

              The authentication value, such as a secret ARN, Lambda function ARN, or IAM role ARN, depending on the provider type.

          • description (string) –

            A description of the actor.

      • documents (list) –

        The list of documents that provide context for the pentest.

        • (dict) –

          Represents a document that provides context for security testing.

          • s3Location (string) –

            The Amazon S3 location of the document.

          • artifactId (string) –

            The unique identifier of the artifact associated with the document.

          • integratedDocument (dict) –

            A reference to a document in an integrated third-party provider.

            • integrationId (string) –

              The identifier of the integration that provides access to the document.

            • resourceId (string) –

              The provider-specific resource identifier for the document.

      • sourceCode (list) –

        The list of source code repositories to analyze during the pentest.

        • (dict) –

          Represents a source code repository used for security analysis during a pentest.

          • s3Location (string) –

            The Amazon S3 location of the source code repository archive.

      • integratedRepositories (list) –

        The list of integrated repositories associated with the pentest.

        • (dict) –

          Represents a code repository that is integrated with the service through a third-party provider.

          • integrationId (string) –

            The unique identifier of the integration that provides access to the repository.

          • providerResourceId (string) –

            The provider-specific resource identifier for the repository.

    • scopeDocs (list) –

      The scoped documents for the agent to focus on during threat modeling.

      • (dict) –

        Represents a document that provides context for security testing.

        • s3Location (string) –

          The Amazon S3 location of the document.

        • artifactId (string) –

          The unique identifier of the artifact associated with the document.

        • integratedDocument (dict) –

          A reference to a document in an integrated third-party provider.

          • integrationId (string) –

            The identifier of the integration that provides access to the document.

          • resourceId (string) –

            The provider-specific resource identifier for the document.

    • serviceRole (string) –

      The IAM service role used for the threat model.

    • logConfig (dict) –

      The CloudWatch Logs configuration for the threat model.

      • logGroup (string) –

        The name of the CloudWatch log group.

      • logStream (string) –

        The name of the CloudWatch log stream.

    • createdAt (datetime) –

      The date and time the threat model was created, in UTC format.

    • updatedAt (datetime) –

      The date and time the threat model was last updated, in UTC format.