SDK for PHP V3
AWS Security Agent 2025-09-06
- Client: Aws\SecurityAgent\SecurityAgentClient
- Service ID: securityagent
- Version: 2025-09-06
This page describes the parameters and results for the operations of the AWS Security Agent (2025-09-06), and shows how to use the Aws\SecurityAgent\SecurityAgentClient object to call the described operations. This documentation is specific to the 2025-09-06 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- AddArtifact ( array $params = [] )
- Uploads an artifact to an agent space.
- BatchCreateSecurityRequirements ( array $params = [] )
- Batch creates security requirements in a customer managed pack.
- BatchDeleteCodeReviews ( array $params = [] )
- Deletes one or more code reviews from an agent space.
- BatchDeletePentests ( array $params = [] )
- Deletes one or more pentests from an agent space.
- BatchDeleteSecurityRequirements ( array $params = [] )
- Batch deletes security requirements from a customer managed pack.
- BatchDeleteThreatModels ( array $params = [] )
- Deletes one or more threat models from an agent space.
- BatchGetAgentSpaces ( array $params = [] )
- Retrieves information about one or more agent spaces.
- BatchGetArtifactMetadata ( array $params = [] )
- Retrieves metadata for one or more artifacts in an agent space.
- BatchGetCodeReviewJobTasks ( array $params = [] )
- Retrieves information about one or more tasks within a code review job.
- BatchGetCodeReviewJobs ( array $params = [] )
- Retrieves information about one or more code review jobs in an agent space.
- BatchGetCodeReviews ( array $params = [] )
- Retrieves information about one or more code reviews in an agent space.
- BatchGetFindings ( array $params = [] )
- Retrieves information about one or more security findings in an agent space.
- BatchGetPentestJobTasks ( array $params = [] )
- Retrieves information about one or more tasks within a pentest job.
- BatchGetPentestJobs ( array $params = [] )
- Retrieves information about one or more pentest jobs in an agent space.
- BatchGetPentests ( array $params = [] )
- Retrieves information about one or more pentests in an agent space.
- BatchGetSecurityRequirements ( array $params = [] )
- Batch retrieves security requirements from a pack.
- BatchGetTargetDomains ( array $params = [] )
- Retrieves information about one or more target domains.
- BatchGetThreatModelJobTasks ( array $params = [] )
- Retrieves information about one or more tasks within a threat model job.
- BatchGetThreatModelJobs ( array $params = [] )
- Retrieves information about one or more threat model jobs in an agent space.
- BatchGetThreatModels ( array $params = [] )
- Retrieves information about one or more threat models in an agent space.
- BatchGetThreats ( array $params = [] )
- Retrieves information about one or more threats.
- BatchUpdateSecurityRequirements ( array $params = [] )
- Batch updates security requirements within a customer managed pack.
- CreateAgentSpace ( array $params = [] )
- Creates a new agent space.
- CreateApplication ( array $params = [] )
- Creates a new application.
- CreateCodeReview ( array $params = [] )
- Creates a new code review configuration in an agent space.
- CreateIntegration ( array $params = [] )
- Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.
- CreateMembership ( array $params = [] )
- Creates a new membership, granting a user access to an agent space within an application.
- CreatePentest ( array $params = [] )
- Creates a new pentest configuration in an agent space.
- CreatePrivateConnection ( array $params = [] )
- Creates a private connection for reaching a self-hosted provider instance over private networking using Amazon VPC Lattice.
- CreateSecurityRequirementPack ( array $params = [] )
- Creates a customer managed security requirement pack.
- CreateTargetDomain ( array $params = [] )
- Creates a new target domain for penetration testing.
- CreateThreat ( array $params = [] )
- Creates a new threat under a threat model job.
- CreateThreatModel ( array $params = [] )
- Creates a new threat model configuration in an agent space.
- DeleteAgentSpace ( array $params = [] )
- Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.
- DeleteApplication ( array $params = [] )
- Deletes an application and its associated configuration, including IAM Identity Center settings.
- DeleteArtifact ( array $params = [] )
- Deletes an artifact from an agent space.
- DeleteIntegration ( array $params = [] )
- Deletes an integration with a third-party provider.
- DeleteMembership ( array $params = [] )
- Deletes a membership, revoking a user's access to an agent space.
- DeletePrivateConnection ( array $params = [] )
- Deletes a private connection.
- DeleteSecurityRequirementPack ( array $params = [] )
- Deletes a customer managed security requirement pack and all its associated security requirements.
- DeleteTargetDomain ( array $params = [] )
- Deletes a target domain registration.
- DescribePrivateConnection ( array $params = [] )
- Retrieves the details of a private connection.
- GetApplication ( array $params = [] )
- Retrieves information about an application.
- GetArtifact ( array $params = [] )
- Retrieves an artifact from an agent space.
- GetIntegration ( array $params = [] )
- Retrieves information about an integration.
- GetSecurityRequirementPack ( array $params = [] )
- Retrieves information about a security requirement pack.
- ImportSecurityRequirements ( array $params = [] )
- Imports security requirements from uploaded documents into a customer managed security requirement pack.
- InitiateProviderRegistration ( array $params = [] )
- Initiates the OAuth registration flow with a third-party provider.
- ListAgentSpaces ( array $params = [] )
- Returns a paginated list of agent space summaries in your account.
- ListApplications ( array $params = [] )
- Returns a paginated list of application summaries in your account.
- ListArtifacts ( array $params = [] )
- Returns a paginated list of artifact summaries for the specified agent space.
- ListCodeReviewJobTasks ( array $params = [] )
- Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.
- ListCodeReviewJobsForCodeReview ( array $params = [] )
- Returns a paginated list of code review job summaries for the specified code review configuration.
- ListCodeReviews ( array $params = [] )
- Returns a paginated list of code review summaries for the specified agent space.
- ListDiscoveredEndpoints ( array $params = [] )
- Returns a paginated list of endpoints discovered during a pentest job execution.
- ListFindings ( array $params = [] )
- Lists the security findings for a pentest job.
- ListIntegratedResources ( array $params = [] )
- Lists the integrated resources for an agent space, optionally filtered by integration or resource type.
- ListIntegrations ( array $params = [] )
- Lists the integrations in your account, optionally filtered by provider or provider type.
- ListMemberships ( array $params = [] )
- Returns a paginated list of membership summaries for the specified agent space within an application.
- ListPentestJobTasks ( array $params = [] )
- Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.
- ListPentestJobsForPentest ( array $params = [] )
- Returns a paginated list of pentest job summaries for the specified pentest configuration.
- ListPentests ( array $params = [] )
- Returns a paginated list of pentest summaries for the specified agent space.
- ListPrivateConnections ( array $params = [] )
- Lists the private connections in your account.
- ListSecurityRequirementPacks ( array $params = [] )
- Lists all security requirement packs in the caller's account.
- ListSecurityRequirements ( array $params = [] )
- Lists security requirements within a pack.
- ListTagsForResource ( array $params = [] )
- Returns the tags associated with the specified resource.
- ListTargetDomains ( array $params = [] )
- Returns a paginated list of target domain summaries in your account.
- ListThreatModelJobTasks ( array $params = [] )
- Returns a paginated list of task summaries for the specified threat model job.
- ListThreatModelJobs ( array $params = [] )
- Returns a paginated list of threat model job summaries for the specified threat model.
- ListThreatModels ( array $params = [] )
- Returns a paginated list of threat model summaries for the specified agent space.
- ListThreats ( array $params = [] )
- Returns a paginated list of threats for a threat model job.
- StartCodeRemediation ( array $params = [] )
- Initiates code remediation for one or more security findings.
- StartCodeReviewJob ( array $params = [] )
- Starts a new code review job for a code review configuration.
- StartPentestJob ( array $params = [] )
- Starts a new pentest job for a pentest configuration.
- StartThreatModelJob ( array $params = [] )
- Starts a new threat model job for a threat model configuration.
- StopCodeReviewJob ( array $params = [] )
- Stops a running code review job.
- StopPentestJob ( array $params = [] )
- Stops a running pentest job.
- StopThreatModelJob ( array $params = [] )
- Stops a running threat model job.
- TagResource ( array $params = [] )
- Adds tags to a resource.
- UntagResource ( array $params = [] )
- Removes tags from a resource.
- UpdateAgentSpace ( array $params = [] )
- Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.
- UpdateApplication ( array $params = [] )
- Updates the configuration of an existing application, including the IAM role and default KMS key.
- UpdateCodeReview ( array $params = [] )
- Updates an existing code review configuration.
- UpdateFinding ( array $params = [] )
- Updates the status or risk level of a security finding.
- UpdateIntegratedResources ( array $params = [] )
- Updates the integrated resources for an agent space, including their capabilities.
- UpdatePentest ( array $params = [] )
- Updates an existing pentest configuration.
- UpdatePrivateConnectionCertificate ( array $params = [] )
- Updates the certificate associated with a private connection.
- UpdateSecurityRequirementPack ( array $params = [] )
- Updates a security requirement pack.
- UpdateTargetDomain ( array $params = [] )
- Updates the verification method for a target domain.
- UpdateThreat ( array $params = [] )
- Updates a threat.
- UpdateThreatModel ( array $params = [] )
- Updates an existing threat model configuration.
- VerifyTargetDomain ( array $params = [] )
- Initiates verification of a target domain.
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
- ListAgentSpaces
- ListApplications
- ListArtifacts
- ListCodeReviewJobTasks
- ListCodeReviewJobsForCodeReview
- ListCodeReviews
- ListDiscoveredEndpoints
- ListFindings
- ListIntegratedResources
- ListIntegrations
- ListMemberships
- ListPentestJobTasks
- ListPentestJobsForPentest
- ListPentests
- ListPrivateConnections
- ListSecurityRequirementPacks
- ListSecurityRequirements
- ListTargetDomains
- ListThreatModelJobTasks
- ListThreatModelJobs
- ListThreatModels
- ListThreats
Operations
AddArtifact
$result = $client->addArtifact([/* ... */]); $promise = $client->addArtifactAsync([/* ... */]);
Uploads an artifact to an agent space. Artifacts provide additional context for security testing, such as architecture diagrams, API specifications, or configuration files.
Parameter Syntax
$result = $client->addArtifact([
'agentSpaceId' => '<string>', // REQUIRED
'artifactContent' => <string || resource || Psr\Http\Message\StreamInterface>, // REQUIRED
'artifactType' => 'TXT|PNG|JPEG|MD|PDF|DOCX|DOC|JSON|YAML', // REQUIRED
'fileName' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to add the artifact to.
- artifactContent
-
- Required: Yes
- Type: blob (string|resource|Psr\Http\Message\StreamInterface)
The binary content of the artifact to upload.
- artifactType
-
- Required: Yes
- Type: string
The file type of the artifact. Valid values include TXT, PNG, JPEG, MD, PDF, DOCX, DOC, JSON, and YAML.
- fileName
-
- Required: Yes
- Type: string
The file name of the artifact.
Result Syntax
[
'artifactId' => '<string>',
]
Result Details
Members
- artifactId
-
- Required: Yes
- Type: string
The unique identifier assigned to the uploaded artifact.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
BatchCreateSecurityRequirements
$result = $client->batchCreateSecurityRequirements([/* ... */]); $promise = $client->batchCreateSecurityRequirementsAsync([/* ... */]);
Batch creates security requirements in a customer managed pack.
Parameter Syntax
$result = $client->batchCreateSecurityRequirements([
'packId' => '<string>', // REQUIRED
'securityRequirements' => [ // REQUIRED
[
'description' => '<string>', // REQUIRED
'domain' => '<string>', // REQUIRED
'evaluation' => '<string>', // REQUIRED
'name' => '<string>', // REQUIRED
'remediation' => '<string>',
],
// ...
],
]);
Parameter Details
Members
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to add requirements to.
- securityRequirements
-
- Required: Yes
- Type: Array of CreateSecurityRequirementEntry structures
The list of security requirements to create.
Result Syntax
[
'errors' => [
[
'code' => '<string>',
'message' => '<string>',
'securityRequirementName' => '<string>',
],
// ...
],
'securityRequirements' => [
[
'createdAt' => <DateTime>,
'description' => '<string>',
'domain' => '<string>',
'evaluation' => '<string>',
'name' => '<string>',
'packId' => '<string>',
'remediation' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- errors
-
- Required: Yes
- Type: Array of BatchSecurityRequirementError structures
The list of errors for security requirements that failed to be created.
- securityRequirements
-
- Required: Yes
- Type: Array of BatchCreateSecurityRequirementResult structures
The list of security requirements that were successfully created.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
- ServiceQuotaExceededException:
The request exceeds a service quota. Review your current usage and request a quota increase if needed.
BatchDeleteCodeReviews
$result = $client->batchDeleteCodeReviews([/* ... */]); $promise = $client->batchDeleteCodeReviewsAsync([/* ... */]);
Deletes one or more code reviews from an agent space.
Parameter Syntax
$result = $client->batchDeleteCodeReviews([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the code reviews to delete.
- codeReviewIds
-
- Required: Yes
- Type: Array of strings
The list of code review identifiers to delete.
Result Syntax
[
'deleted' => ['<string>', ...],
'failed' => [
[
'codeReviewId' => '<string>',
'reason' => '<string>',
],
// ...
],
]
Result Details
Members
- deleted
-
- Type: Array of strings
The list of identifiers of the code reviews that were successfully deleted.
- failed
-
- Type: Array of DeleteCodeReviewFailure structures
The list of code reviews that failed to delete, including the reason for each failure.
Errors
There are no errors described for this operation.
BatchDeletePentests
$result = $client->batchDeletePentests([/* ... */]); $promise = $client->batchDeletePentestsAsync([/* ... */]);
Deletes one or more pentests from an agent space.
Parameter Syntax
$result = $client->batchDeletePentests([
'agentSpaceId' => '<string>', // REQUIRED
'pentestIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the pentests to delete.
- pentestIds
-
- Required: Yes
- Type: Array of strings
The list of pentest identifiers to delete.
Result Syntax
[
'deleted' => [
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'cleanUpStrategy' => 'BEST_EFFORT_DELETE|RETAIN_ALL',
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'createdAt' => <DateTime>,
'disableManagedSkills' => ['<string>', ...],
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
],
// ...
],
'failed' => [
[
'pentestId' => '<string>',
'reason' => '<string>',
],
// ...
],
]
Result Details
Members
- deleted
-
- Type: Array of Pentest structures
The list of pentests that were successfully deleted.
- failed
-
- Type: Array of DeletePentestFailure structures
The list of pentests that failed to delete, including the reason for each failure.
Errors
There are no errors described for this operation.
BatchDeleteSecurityRequirements
$result = $client->batchDeleteSecurityRequirements([/* ... */]); $promise = $client->batchDeleteSecurityRequirementsAsync([/* ... */]);
Batch deletes security requirements from a customer managed pack.
Parameter Syntax
$result = $client->batchDeleteSecurityRequirements([
'packId' => '<string>', // REQUIRED
'securityRequirementNames' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to remove requirements from.
- securityRequirementNames
-
- Required: Yes
- Type: Array of strings
The list of security requirement names to delete.
Result Syntax
[
'deletedSecurityRequirementNames' => ['<string>', ...],
'errors' => [
[
'code' => '<string>',
'message' => '<string>',
'securityRequirementName' => '<string>',
],
// ...
],
]
Result Details
Members
- deletedSecurityRequirementNames
-
- Required: Yes
- Type: Array of strings
The list of security requirement names that were successfully deleted.
- errors
-
- Required: Yes
- Type: Array of BatchSecurityRequirementError structures
The list of errors for security requirements that failed to be deleted.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
BatchDeleteThreatModels
$result = $client->batchDeleteThreatModels([/* ... */]); $promise = $client->batchDeleteThreatModelsAsync([/* ... */]);
Deletes one or more threat models from an agent space.
Parameter Syntax
$result = $client->batchDeleteThreatModels([
'agentSpaceId' => '<string>', // REQUIRED
'threatModelIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the threat models to delete.
- threatModelIds
-
- Required: Yes
- Type: Array of strings
The list of threat model identifiers to delete.
Result Syntax
[
'deleted' => ['<string>', ...],
'failed' => [
[
'reason' => '<string>',
'threatModelId' => '<string>',
],
// ...
],
]
Result Details
Members
- deleted
-
- Type: Array of strings
The list of threat model identifiers that were successfully deleted.
- failed
-
- Type: Array of DeleteThreatModelFailure structures
The list of threat models that failed to delete, including the reason for each failure.
Errors
There are no errors described for this operation.
BatchGetAgentSpaces
$result = $client->batchGetAgentSpaces([/* ... */]); $promise = $client->batchGetAgentSpacesAsync([/* ... */]);
Retrieves information about one or more agent spaces.
Parameter Syntax
$result = $client->batchGetAgentSpaces([
'agentSpaceIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceIds
-
- Required: Yes
- Type: Array of strings
The list of agent space identifiers to retrieve.
Result Syntax
[
'agentSpaces' => [
[
'agentSpaceId' => '<string>',
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false,
'generalPurposeScanning' => true || false,
],
'createdAt' => <DateTime>,
'description' => '<string>',
'kmsKeyId' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
'updatedAt' => <DateTime>,
],
// ...
],
'notFound' => ['<string>', ...],
]
Result Details
Members
- agentSpaces
-
- Type: Array of AgentSpace structures
The list of agent spaces that were found.
- notFound
-
- Type: Array of strings
The list of agent space identifiers that were not found.
Errors
There are no errors described for this operation.
BatchGetArtifactMetadata
$result = $client->batchGetArtifactMetadata([/* ... */]); $promise = $client->batchGetArtifactMetadataAsync([/* ... */]);
Retrieves metadata for one or more artifacts in an agent space.
Parameter Syntax
$result = $client->batchGetArtifactMetadata([
'agentSpaceId' => '<string>', // REQUIRED
'artifactIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the artifacts.
- artifactIds
-
- Required: Yes
- Type: Array of strings
The list of artifact identifiers to retrieve metadata for.
Result Syntax
[
'artifactMetadataList' => [
[
'agentSpaceId' => '<string>',
'artifactId' => '<string>',
'fileName' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- artifactMetadataList
-
- Required: Yes
- Type: Array of ArtifactMetadataItem structures
The list of artifact metadata items that were found.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
BatchGetCodeReviewJobTasks
$result = $client->batchGetCodeReviewJobTasks([/* ... */]); $promise = $client->batchGetCodeReviewJobTasksAsync([/* ... */]);
Retrieves information about one or more tasks within a code review job.
Parameter Syntax
$result = $client->batchGetCodeReviewJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewJobTaskIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the tasks.
- codeReviewJobTaskIds
-
- Required: Yes
- Type: Array of strings
The list of task identifiers to retrieve.
Result Syntax
[
'codeReviewJobTasks' => [
[
'agentSpaceId' => '<string>',
'categories' => [
[
'isPrimary' => true || false,
'name' => '<string>',
],
// ...
],
'codeReviewId' => '<string>',
'codeReviewJobId' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'logsLocation' => [
'cloudWatchLog' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'logType' => 'CLOUDWATCH',
],
'riskType' => 'CROSS_SITE_SCRIPTING|DEFAULT_CREDENTIALS|INSECURE_DIRECT_OBJECT_REFERENCE|PRIVILEGE_ESCALATION|SERVER_SIDE_TEMPLATE_INJECTION|COMMAND_INJECTION|CODE_INJECTION|SQL_INJECTION|ARBITRARY_FILE_UPLOAD|INSECURE_DESERIALIZATION|LOCAL_FILE_INCLUSION|INFORMATION_DISCLOSURE|PATH_TRAVERSAL|SERVER_SIDE_REQUEST_FORGERY|JSON_WEB_TOKEN_VULNERABILITIES|XML_EXTERNAL_ENTITY|FILE_DELETION|OTHER|GRAPHQL_VULNERABILITIES|BUSINESS_LOGIC_VULNERABILITIES|CRYPTOGRAPHIC_VULNERABILITIES|DENIAL_OF_SERVICE|FILE_ACCESS|FILE_CREATION|DATABASE_MODIFICATION|DATABASE_ACCESS|OUTBOUND_SERVICE_REQUEST|UNKNOWN',
'taskId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'notFound' => ['<string>', ...],
]
Result Details
Members
- codeReviewJobTasks
-
- Type: Array of CodeReviewJobTask structures
The list of code review job tasks that were found.
- notFound
-
- Type: Array of strings
The list of task identifiers that were not found.
Errors
There are no errors described for this operation.
BatchGetCodeReviewJobs
$result = $client->batchGetCodeReviewJobs([/* ... */]); $promise = $client->batchGetCodeReviewJobsAsync([/* ... */]);
Retrieves information about one or more code review jobs in an agent space.
Parameter Syntax
$result = $client->batchGetCodeReviewJobs([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewJobIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the code review jobs.
- codeReviewJobIds
-
- Required: Yes
- Type: Array of strings
The list of code review job identifiers to retrieve.
Result Syntax
[
'codeReviewJobs' => [
[
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'codeReviewId' => '<string>',
'codeReviewJobId' => '<string>',
'createdAt' => <DateTime>,
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'errorInformation' => [
'code' => 'CLIENT_ERROR|INTERNAL_ERROR|STOPPED_BY_USER',
'message' => '<string>',
],
'executionContext' => [
[
'context' => '<string>',
'contextType' => 'ERROR|CLIENT_ERROR|WARNING|INFO',
'timestamp' => <DateTime>,
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'overview' => '<string>',
'serviceRole' => '<string>',
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'steps' => [
[
'createdAt' => <DateTime>,
'name' => 'PREFLIGHT|STATIC_ANALYSIS|PENTEST|FINALIZING|VALIDATION',
'status' => 'NOT_STARTED|IN_PROGRESS|COMPLETED|FAILED|STOPPED',
'updatedAt' => <DateTime>,
],
// ...
],
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'notFound' => ['<string>', ...],
]
Result Details
Members
- codeReviewJobs
-
- Type: Array of CodeReviewJob structures
The list of code review jobs that were found.
- notFound
-
- Type: Array of strings
The list of code review job identifiers that were not found.
Errors
There are no errors described for this operation.
BatchGetCodeReviews
$result = $client->batchGetCodeReviews([/* ... */]); $promise = $client->batchGetCodeReviewsAsync([/* ... */]);
Retrieves information about one or more code reviews in an agent space.
Parameter Syntax
$result = $client->batchGetCodeReviews([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the code reviews.
- codeReviewIds
-
- Required: Yes
- Type: Array of strings
The list of code review identifiers to retrieve.
Result Syntax
[
'codeReviews' => [
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'codeReviewId' => '<string>',
'createdAt' => <DateTime>,
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'validationMode' => 'DISABLED|SIMULATED',
],
// ...
],
'notFound' => ['<string>', ...],
]
Result Details
Members
- codeReviews
-
- Type: Array of CodeReview structures
The list of code reviews that were found.
- notFound
-
- Type: Array of strings
The list of code review identifiers that were not found.
Errors
There are no errors described for this operation.
BatchGetFindings
$result = $client->batchGetFindings([/* ... */]); $promise = $client->batchGetFindingsAsync([/* ... */]);
Retrieves information about one or more security findings in an agent space.
Parameter Syntax
$result = $client->batchGetFindings([
'agentSpaceId' => '<string>', // REQUIRED
'findingIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the findings.
- findingIds
-
- Required: Yes
- Type: Array of strings
The list of finding identifiers to retrieve.
Result Syntax
[
'findings' => [
[
'agentSpaceId' => '<string>',
'alignmentRationale' => '<string>',
'attackScript' => '<string>',
'codeLocations' => [
[
'filePath' => '<string>',
'label' => '<string>',
'lineEnd' => <integer>,
'lineStart' => <integer>,
],
// ...
],
'codeRemediationTask' => [
'status' => 'IN_PROGRESS|COMPLETED|FAILED',
'statusReason' => '<string>',
'taskDetails' => [
[
'codeDiffLink' => '<string>',
'pullRequestLink' => '<string>',
'repoName' => '<string>',
],
// ...
],
],
'codeReviewId' => '<string>',
'codeReviewJobId' => '<string>',
'confidence' => 'FALSE_POSITIVE|UNCONFIRMED|LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'customerNote' => '<string>',
'description' => '<string>',
'findingId' => '<string>',
'lastUpdatedBy' => '<string>',
'name' => '<string>',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'reasoning' => '<string>',
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'riskScore' => '<string>',
'riskType' => '<string>',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
'taskId' => '<string>',
'updatedAt' => <DateTime>,
'validationStatus' => 'CONFIRMED|NOT_REPRODUCED|VALIDATION_FAILED|VALIDATING|NOT_VALIDATED',
'verificationScript' => [
'envVars' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'instructions' => '<string>',
'scriptType' => '<string>',
'scriptUrl' => '<string>',
],
],
// ...
],
'notFound' => ['<string>', ...],
]
Result Details
Members
- findings
-
- Type: Array of Finding structures
The list of findings that were found.
- notFound
-
- Type: Array of strings
The list of finding identifiers that were not found.
Errors
There are no errors described for this operation.
BatchGetPentestJobTasks
$result = $client->batchGetPentestJobTasks([/* ... */]); $promise = $client->batchGetPentestJobTasksAsync([/* ... */]);
Retrieves information about one or more tasks within a pentest job.
Parameter Syntax
$result = $client->batchGetPentestJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'taskIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the tasks.
- taskIds
-
- Required: Yes
- Type: Array of strings
The list of task identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'tasks' => [
[
'agentSpaceId' => '<string>',
'categories' => [
[
'isPrimary' => true || false,
'name' => '<string>',
],
// ...
],
'createdAt' => <DateTime>,
'description' => '<string>',
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'logsLocation' => [
'cloudWatchLog' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'logType' => 'CLOUDWATCH',
],
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'riskType' => 'CROSS_SITE_SCRIPTING|DEFAULT_CREDENTIALS|INSECURE_DIRECT_OBJECT_REFERENCE|PRIVILEGE_ESCALATION|SERVER_SIDE_TEMPLATE_INJECTION|COMMAND_INJECTION|CODE_INJECTION|SQL_INJECTION|ARBITRARY_FILE_UPLOAD|INSECURE_DESERIALIZATION|LOCAL_FILE_INCLUSION|INFORMATION_DISCLOSURE|PATH_TRAVERSAL|SERVER_SIDE_REQUEST_FORGERY|JSON_WEB_TOKEN_VULNERABILITIES|XML_EXTERNAL_ENTITY|FILE_DELETION|OTHER|GRAPHQL_VULNERABILITIES|BUSINESS_LOGIC_VULNERABILITIES|CRYPTOGRAPHIC_VULNERABILITIES|DENIAL_OF_SERVICE|FILE_ACCESS|FILE_CREATION|DATABASE_MODIFICATION|DATABASE_ACCESS|OUTBOUND_SERVICE_REQUEST|UNKNOWN',
'targetEndpoint' => [
'uri' => '<string>',
],
'taskId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of task identifiers that were not found.
- tasks
-
- Type: Array of Task structures
The list of tasks that were found.
Errors
There are no errors described for this operation.
BatchGetPentestJobs
$result = $client->batchGetPentestJobs([/* ... */]); $promise = $client->batchGetPentestJobsAsync([/* ... */]);
Retrieves information about one or more pentest jobs in an agent space.
Parameter Syntax
$result = $client->batchGetPentestJobs([
'agentSpaceId' => '<string>', // REQUIRED
'pentestJobIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the pentest jobs.
- pentestJobIds
-
- Required: Yes
- Type: Array of strings
The list of pentest job identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'pentestJobs' => [
[
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'allowedDomains' => [
[
'uri' => '<string>',
],
// ...
],
'cleanUpStrategy' => 'BEST_EFFORT_DELETE|RETAIN_ALL',
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'createdAt' => <DateTime>,
'disableManagedSkills' => ['<string>', ...],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'errorInformation' => [
'code' => 'CLIENT_ERROR|INTERNAL_ERROR|STOPPED_BY_USER',
'message' => '<string>',
],
'excludePaths' => [
[
'uri' => '<string>',
],
// ...
],
'excludeRiskTypes' => ['<string>', ...],
'executionContext' => [
[
'context' => '<string>',
'contextType' => 'ERROR|CLIENT_ERROR|WARNING|INFO',
'timestamp' => <DateTime>,
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'overview' => '<string>',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'serviceRole' => '<string>',
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'steps' => [
[
'createdAt' => <DateTime>,
'name' => 'PREFLIGHT|STATIC_ANALYSIS|PENTEST|FINALIZING|VALIDATION',
'status' => 'NOT_STARTED|IN_PROGRESS|COMPLETED|FAILED|STOPPED',
'updatedAt' => <DateTime>,
],
// ...
],
'title' => '<string>',
'updatedAt' => <DateTime>,
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of pentest job identifiers that were not found.
- pentestJobs
-
- Type: Array of PentestJob structures
The list of pentest jobs that were found.
Errors
There are no errors described for this operation.
BatchGetPentests
$result = $client->batchGetPentests([/* ... */]); $promise = $client->batchGetPentestsAsync([/* ... */]);
Retrieves information about one or more pentests in an agent space.
Parameter Syntax
$result = $client->batchGetPentests([
'agentSpaceId' => '<string>', // REQUIRED
'pentestIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the pentests.
- pentestIds
-
- Required: Yes
- Type: Array of strings
The list of pentest identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'pentests' => [
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'cleanUpStrategy' => 'BEST_EFFORT_DELETE|RETAIN_ALL',
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'createdAt' => <DateTime>,
'disableManagedSkills' => ['<string>', ...],
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of pentest identifiers that were not found.
- pentests
-
- Type: Array of Pentest structures
The list of pentests that were found.
Errors
There are no errors described for this operation.
BatchGetSecurityRequirements
$result = $client->batchGetSecurityRequirements([/* ... */]); $promise = $client->batchGetSecurityRequirementsAsync([/* ... */]);
Batch retrieves security requirements from a pack.
Parameter Syntax
$result = $client->batchGetSecurityRequirements([
'packId' => '<string>', // REQUIRED
'securityRequirementNames' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to retrieve requirements from.
- securityRequirementNames
-
- Required: Yes
- Type: Array of strings
The list of security requirement names to retrieve.
Result Syntax
[
'errors' => [
[
'code' => '<string>',
'message' => '<string>',
'securityRequirementName' => '<string>',
],
// ...
],
'securityRequirements' => [
[
'createdAt' => <DateTime>,
'description' => '<string>',
'domain' => '<string>',
'evaluation' => '<string>',
'name' => '<string>',
'packId' => '<string>',
'remediation' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- errors
-
- Required: Yes
- Type: Array of BatchSecurityRequirementError structures
The list of errors for security requirements that failed to be retrieved.
- securityRequirements
-
- Required: Yes
- Type: Array of BatchGetSecurityRequirementResult structures
The list of security requirements that were successfully retrieved.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
BatchGetTargetDomains
$result = $client->batchGetTargetDomains([/* ... */]); $promise = $client->batchGetTargetDomainsAsync([/* ... */]);
Retrieves information about one or more target domains.
Parameter Syntax
$result = $client->batchGetTargetDomains([
'targetDomainIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- targetDomainIds
-
- Required: Yes
- Type: Array of strings
The list of target domain identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'targetDomains' => [
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationDetails' => [
'dnsTxt' => [
'dnsRecordName' => '<string>',
'dnsRecordType' => 'TXT',
'token' => '<string>',
],
'httpRoute' => [
'routePath' => '<string>',
'token' => '<string>',
],
'method' => 'DNS_TXT|HTTP_ROUTE|PRIVATE_VPC',
],
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'verificationStatusReason' => '<string>',
'verifiedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of target domain identifiers that were not found.
- targetDomains
-
- Type: Array of TargetDomain structures
The list of target domains that were found.
Errors
There are no errors described for this operation.
BatchGetThreatModelJobTasks
$result = $client->batchGetThreatModelJobTasks([/* ... */]); $promise = $client->batchGetThreatModelJobTasksAsync([/* ... */]);
Retrieves information about one or more tasks within a threat model job.
Parameter Syntax
$result = $client->batchGetThreatModelJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'threatModelJobTaskIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the tasks.
- threatModelJobTaskIds
-
- Required: Yes
- Type: Array of strings
The list of task identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'threatModelJobTasks' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'logsLocation' => [
'cloudWatchLog' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'logType' => 'CLOUDWATCH',
],
'taskId' => '<string>',
'threatModelId' => '<string>',
'threatModelJobId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of task identifiers that were not found.
- threatModelJobTasks
-
- Type: Array of ThreatModelJobTask structures
The list of threat model job tasks that were found.
Errors
There are no errors described for this operation.
BatchGetThreatModelJobs
$result = $client->batchGetThreatModelJobs([/* ... */]); $promise = $client->batchGetThreatModelJobsAsync([/* ... */]);
Retrieves information about one or more threat model jobs in an agent space.
Parameter Syntax
$result = $client->batchGetThreatModelJobs([
'agentSpaceId' => '<string>', // REQUIRED
'threatModelJobIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the threat model jobs.
- threatModelJobIds
-
- Required: Yes
- Type: Array of strings
The list of threat model job identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'threatModelJobs' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'errorInformation' => [
'code' => 'CLIENT_ERROR|INTERNAL_ERROR|STOPPED_BY_USER',
'message' => '<string>',
],
'executionEndTime' => <DateTime>,
'executionStartTime' => <DateTime>,
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'scopeDocs' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'systemOverview' => '<string>',
'threatModelId' => '<string>',
'threatModelJobId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of threat model job identifiers that were not found.
- threatModelJobs
-
- Type: Array of ThreatModelJob structures
The list of threat model jobs that were found.
Errors
There are no errors described for this operation.
BatchGetThreatModels
$result = $client->batchGetThreatModels([/* ... */]); $promise = $client->batchGetThreatModelsAsync([/* ... */]);
Retrieves information about one or more threat models in an agent space.
Parameter Syntax
$result = $client->batchGetThreatModels([
'agentSpaceId' => '<string>', // REQUIRED
'threatModelIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the threat models.
- threatModelIds
-
- Required: Yes
- Type: Array of strings
The list of threat model identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'threatModels' => [
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'createdAt' => <DateTime>,
'description' => '<string>',
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'scopeDocs' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'serviceRole' => '<string>',
'threatModelId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of threat model identifiers that were not found.
- threatModels
-
- Type: Array of ThreatModel structures
The list of threat models that were found.
Errors
There are no errors described for this operation.
BatchGetThreats
$result = $client->batchGetThreats([/* ... */]); $promise = $client->batchGetThreatsAsync([/* ... */]);
Retrieves information about one or more threats.
Parameter Syntax
$result = $client->batchGetThreats([
'agentSpaceId' => '<string>', // REQUIRED
'threatIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- threatIds
-
- Required: Yes
- Type: Array of strings
The list of threat identifiers to retrieve.
Result Syntax
[
'notFound' => ['<string>', ...],
'threats' => [
[
'anchor' => [
'id' => '<string>',
'kind' => '<string>',
'packageId' => '<string>',
],
'comments' => '<string>',
'createdAt' => <DateTime>,
'createdBy' => 'CUSTOMER|AGENT',
'evidence' => [
[
'packageId' => '<string>',
'path' => '<string>',
],
// ...
],
'impactedAssets' => ['<string>', ...],
'impactedGoal' => ['<string>', ...],
'prerequisites' => '<string>',
'recommendation' => '<string>',
'severity' => 'CRITICAL|HIGH|MEDIUM|LOW|INFO',
'statement' => '<string>',
'status' => 'OPEN|RESOLVED|DISMISSED',
'stride' => ['<string>', ...],
'threatAction' => '<string>',
'threatId' => '<string>',
'threatImpact' => '<string>',
'threatJobId' => '<string>',
'threatSource' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'updatedBy' => 'CUSTOMER|AGENT',
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
The list of threat identifiers that were not found.
- threats
-
- Type: Array of Threat structures
The list of threats that were found.
Errors
There are no errors described for this operation.
BatchUpdateSecurityRequirements
$result = $client->batchUpdateSecurityRequirements([/* ... */]); $promise = $client->batchUpdateSecurityRequirementsAsync([/* ... */]);
Batch updates security requirements within a customer managed pack.
Parameter Syntax
$result = $client->batchUpdateSecurityRequirements([
'packId' => '<string>', // REQUIRED
'securityRequirements' => [ // REQUIRED
[
'description' => '<string>',
'domain' => '<string>',
'evaluation' => '<string>',
'name' => '<string>', // REQUIRED
'remediation' => '<string>',
],
// ...
],
]);
Parameter Details
Members
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack containing the requirements to update.
- securityRequirements
-
- Required: Yes
- Type: Array of UpdateSecurityRequirementEntry structures
The list of security requirement updates to apply.
Result Syntax
[
'errors' => [
[
'code' => '<string>',
'message' => '<string>',
'securityRequirementName' => '<string>',
],
// ...
],
'updatedSecurityRequirementNames' => ['<string>', ...],
]
Result Details
Members
- errors
-
- Required: Yes
- Type: Array of BatchSecurityRequirementError structures
The list of errors for security requirements that failed to be updated.
- updatedSecurityRequirementNames
-
- Required: Yes
- Type: Array of strings
The list of security requirement names that were successfully updated.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
CreateAgentSpace
$result = $client->createAgentSpace([/* ... */]); $promise = $client->createAgentSpaceAsync([/* ... */]);
Creates a new agent space. An agent space is a dedicated workspace for securing a specific application.
Parameter Syntax
$result = $client->createAgentSpace([
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false, // REQUIRED
'generalPurposeScanning' => true || false, // REQUIRED
],
'description' => '<string>',
'kmsKeyId' => '<string>',
'name' => '<string>', // REQUIRED
'tags' => ['<string>', ...],
'targetDomainIds' => ['<string>', ...],
]);
Parameter Details
Members
- awsResources
-
- Type: AWSResources structure
The AWS resources to associate with the agent space.
- codeReviewSettings
-
- Type: CodeReviewSettings structure
The code review settings for the agent space.
- description
-
- Type: string
A description of the agent space.
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key to use for encrypting data in the agent space.
- name
-
- Required: Yes
- Type: string
The name of the agent space.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags to associate with the agent space.
- targetDomainIds
-
- Type: Array of strings
The list of target domain identifiers to associate with the agent space.
Result Syntax
[
'agentSpaceId' => '<string>',
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false,
'generalPurposeScanning' => true || false,
],
'createdAt' => <DateTime>,
'description' => '<string>',
'kmsKeyId' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the created agent space.
- awsResources
-
- Type: AWSResources structure
The AWS resources associated with the agent space.
- codeReviewSettings
-
- Type: CodeReviewSettings structure
The code review settings for the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was created, in UTC format.
- description
-
- Type: string
The description of the agent space.
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key used to encrypt data in the agent space.
- name
-
- Required: Yes
- Type: string
The name of the agent space.
- targetDomainIds
-
- Type: Array of strings
The list of target domain identifiers associated with the agent space.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was last updated, in UTC format.
Errors
There are no errors described for this operation.
CreateApplication
$result = $client->createApplication([/* ... */]); $promise = $client->createApplicationAsync([/* ... */]);
Creates a new application. An application is the top-level organizational unit that supports IAM Identity Center integration.
Parameter Syntax
$result = $client->createApplication([
'defaultKmsKeyId' => '<string>',
'idcInstanceArn' => '<string>',
'roleArn' => '<string>',
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- defaultKmsKeyId
-
- Type: string
The identifier of the default AWS KMS key to use for encrypting data in the application.
- idcInstanceArn
-
- Type: string
The Amazon Resource Name (ARN) of the IAM Identity Center instance to associate with the application.
- roleArn
-
- Type: string
The Amazon Resource Name (ARN) of the IAM role to associate with the application.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags to associate with the application.
Result Syntax
[
'applicationId' => '<string>',
]
Result Details
Members
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the created application.
Errors
There are no errors described for this operation.
CreateCodeReview
$result = $client->createCodeReview([/* ... */]); $promise = $client->createCodeReviewAsync([/* ... */]);
Creates a new code review configuration in an agent space. A code review defines the parameters for automated security-focused code analysis.
Parameter Syntax
$result = $client->createCodeReview([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [ // REQUIRED
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'serviceRole' => '<string>',
'title' => '<string>', // REQUIRED
'validationMode' => 'DISABLED|SIMULATED',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to create the code review in.
- assets
-
- Required: Yes
- Type: Assets structure
The assets to include in the code review, such as documents and source code.
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the code review. Valid values are AUTOMATIC and DISABLED.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the code review.
- serviceRole
-
- Type: string
The IAM service role to use for the code review.
- title
-
- Required: Yes
- Type: string
The title of the code review.
- validationMode
-
- Type: string
The validation mode for the code review. Valid values are SIMULATED and DISABLED.
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'codeReviewId' => '<string>',
'createdAt' => <DateTime>,
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'validationMode' => 'DISABLED|SIMULATED',
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space that contains the code review.
- assets
-
- Type: Assets structure
The assets included in the code review.
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the code review.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the created code review.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was created, in UTC format.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the code review.
- serviceRole
-
- Type: string
The IAM service role used for the code review.
- title
-
- Type: string
The title of the code review.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was last updated, in UTC format.
- validationMode
-
- Type: string
The validation mode for the code review.
Errors
There are no errors described for this operation.
CreateIntegration
$result = $client->createIntegration([/* ... */]); $promise = $client->createIntegrationAsync([/* ... */]);
Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.
Parameter Syntax
$result = $client->createIntegration([
'input' => [ // REQUIRED
'bitbucket' => [
'code' => '<string>', // REQUIRED
'installationId' => '<string>', // REQUIRED
'state' => '<string>', // REQUIRED
'workspace' => '<string>', // REQUIRED
],
'confluence' => [
'code' => '<string>', // REQUIRED
'installationId' => '<string>', // REQUIRED
'siteUrl' => '<string>', // REQUIRED
'state' => '<string>', // REQUIRED
],
'github' => [
'code' => '<string>', // REQUIRED
'installationId' => '<string>',
'organizationName' => '<string>',
'state' => '<string>', // REQUIRED
'targetUrl' => '<string>',
],
'gitlab' => [
'accessToken' => '<string>', // REQUIRED
'groupId' => '<string>',
'targetUrl' => '<string>',
'tokenType' => 'PERSONAL|GROUP', // REQUIRED
],
],
'integrationDisplayName' => '<string>', // REQUIRED
'kmsKeyId' => '<string>',
'privateConnectionName' => '<string>',
'provider' => 'GITHUB|GITLAB|BITBUCKET|CONFLUENCE', // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- input
-
- Required: Yes
- Type: ProviderInput structure
The provider-specific input required to create the integration.
- integrationDisplayName
-
- Required: Yes
- Type: string
The display name for the integration.
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key to use for encrypting data associated with the integration.
- privateConnectionName
-
- Type: string
The name of an active private connection used to reach a self-hosted provider instance over private networking. Specify this when the instance is not publicly reachable.
- provider
-
- Required: Yes
- Type: string
The integration provider. Currently, only GITHUB is supported.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags to associate with the integration.
Result Syntax
[
'integrationId' => '<string>',
]
Result Details
Members
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the created integration.
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
CreateMembership
$result = $client->createMembership([/* ... */]); $promise = $client->createMembershipAsync([/* ... */]);
Creates a new membership, granting a user access to an agent space within an application.
Parameter Syntax
$result = $client->createMembership([
'agentSpaceId' => '<string>', // REQUIRED
'applicationId' => '<string>', // REQUIRED
'config' => [
'user' => [
'role' => 'MEMBER',
],
],
'memberType' => 'USER', // REQUIRED
'membershipId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to grant access to.
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application that contains the agent space.
- config
-
- Type: MembershipConfig structure
The configuration for the membership, such as the user role.
- memberType
-
- Required: Yes
- Type: string
The type of member. Currently, only USER is supported.
- membershipId
-
- Required: Yes
- Type: string
The unique identifier for the membership.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
CreatePentest
$result = $client->createPentest([/* ... */]); $promise = $client->createPentestAsync([/* ... */]);
Creates a new pentest configuration in an agent space. A pentest defines the security test parameters, including target assets, risk type exclusions, and logging configuration.
Parameter Syntax
$result = $client->createPentest([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'disableManagedSkills' => ['<string>', ...],
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'serviceRole' => '<string>',
'title' => '<string>', // REQUIRED
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to create the pentest in.
- assets
-
- Type: Assets structure
The assets to include in the pentest, such as endpoints, actors, documents, and source code.
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the pentest. Valid values are AUTOMATIC and DISABLED.
- disableManagedSkills
-
- Type: Array of strings
A list of managed skills to disable for this pentest. Valid values include FINDING_PERSONALIZATION and LOGIN_OPTIMIZATION.
- excludeRiskTypes
-
- Type: Array of strings
The list of risk types to exclude from the pentest.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the pentest.
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
The network traffic configuration for the pentest, including custom headers and traffic rules.
- serviceRole
-
- Type: string
The IAM service role to use for the pentest.
- title
-
- Required: Yes
- Type: string
The title of the pentest.
- vpcConfig
-
- Type: VpcConfig structure
The VPC configuration for the pentest.
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'createdAt' => <DateTime>,
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space that contains the pentest.
- assets
-
- Type: Assets structure
The assets included in the pentest.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was created, in UTC format.
- excludeRiskTypes
-
- Type: Array of strings
The list of risk types excluded from the pentest.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the pentest.
- pentestId
-
- Type: string
The unique identifier of the created pentest.
- serviceRole
-
- Type: string
The IAM service role used for the pentest.
- title
-
- Type: string
The title of the pentest.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was last updated, in UTC format.
Errors
There are no errors described for this operation.
CreatePrivateConnection
$result = $client->createPrivateConnection([/* ... */]); $promise = $client->createPrivateConnectionAsync([/* ... */]);
Creates a private connection for reaching a self-hosted provider instance over private networking using Amazon VPC Lattice.
Parameter Syntax
$result = $client->createPrivateConnection([
'mode' => [ // REQUIRED
'selfManaged' => [
'certificate' => '<string>',
'resourceConfigurationId' => '<string>', // REQUIRED
],
'serviceManaged' => [
'certificate' => '<string>',
'dnsResolution' => 'PUBLIC|IN_VPC',
'hostAddress' => '<string>', // REQUIRED
'ipAddressType' => 'IPV4|IPV6|DUAL_STACK',
'ipv4AddressesPerEni' => <integer>,
'portRanges' => ['<string>', ...],
'securityGroupIds' => ['<string>', ...],
'subnetIds' => ['<string>', ...], // REQUIRED
'vpcId' => '<string>', // REQUIRED
],
],
'privateConnectionName' => '<string>', // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- mode
-
- Required: Yes
- Type: PrivateConnectionMode structure
The configuration for the private connection. Specify either a service-managed or a self-managed mode.
- privateConnectionName
-
- Required: Yes
- Type: string
A unique name for the private connection within your account.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags to attach to the private connection.
Result Syntax
[
'certificateExpiryTime' => <DateTime>,
'dnsResolution' => 'PUBLIC|IN_VPC',
'failureMessage' => '<string>',
'hostAddress' => '<string>',
'name' => '<string>',
'resourceConfigurationId' => '<string>',
'resourceGatewayId' => '<string>',
'status' => 'ACTIVE|CREATE_IN_PROGRESS|CREATE_FAILED|DELETE_IN_PROGRESS|DELETE_FAILED',
'tags' => ['<string>', ...],
'type' => 'SERVICE_MANAGED|SELF_MANAGED',
'vpcId' => '<string>',
]
Result Details
Members
- certificateExpiryTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the connection's certificate expires, in UTC format.
- dnsResolution
-
- Type: string
The DNS resolution mode for the resource gateway.
- failureMessage
-
- Type: string
A message describing why the private connection entered a failed state, if applicable.
- hostAddress
-
- Type: string
The IP address or DNS name of the target resource.
- name
-
- Required: Yes
- Type: string
The name of the private connection.
- resourceConfigurationId
-
- Type: string
The identifier or ARN of the VPC Lattice resource configuration.
- resourceGatewayId
-
- Type: string
The identifier or ARN of the VPC Lattice resource gateway.
- status
-
- Required: Yes
- Type: string
The current status of the private connection.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags attached to the private connection.
- type
-
- Required: Yes
- Type: string
The type of the private connection, indicating whether it is service-managed or self-managed.
- vpcId
-
- Type: string
The identifier of the VPC the resource gateway is created in.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
CreateSecurityRequirementPack
$result = $client->createSecurityRequirementPack([/* ... */]); $promise = $client->createSecurityRequirementPackAsync([/* ... */]);
Creates a customer managed security requirement pack.
Parameter Syntax
$result = $client->createSecurityRequirementPack([
'description' => '<string>',
'kmsKeyId' => '<string>',
'name' => '<string>', // REQUIRED
'status' => 'ENABLED|DISABLED',
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- description
-
- Type: string
A description of the security requirement pack.
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key used to encrypt pack contents.
- name
-
- Required: Yes
- Type: string
The name of the security requirement pack.
- status
-
- Type: string
The status of the pack. Defaults to ENABLED if not provided.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags to associate with the security requirement pack.
Result Syntax
[
'kmsKeyId' => '<string>',
'packId' => '<string>',
'status' => 'ENABLED|DISABLED',
]
Result Details
Members
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key used to encrypt pack contents.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the created security requirement pack.
- status
-
- Required: Yes
- Type: string
The status of the created security requirement pack.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
- ServiceQuotaExceededException:
The request exceeds a service quota. Review your current usage and request a quota increase if needed.
CreateTargetDomain
$result = $client->createTargetDomain([/* ... */]); $promise = $client->createTargetDomainAsync([/* ... */]);
Creates a new target domain for penetration testing. A target domain is a web domain that must be registered and verified before it can be tested.
Parameter Syntax
$result = $client->createTargetDomain([
'tags' => ['<string>', ...],
'targetDomainName' => '<string>', // REQUIRED
'verificationMethod' => 'DNS_TXT|HTTP_ROUTE|PRIVATE_VPC', // REQUIRED
]);
Parameter Details
Members
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags to associate with the target domain.
- targetDomainName
-
- Required: Yes
- Type: string
The domain name to register as a target domain.
- verificationMethod
-
- Required: Yes
- Type: string
The method to use for verifying domain ownership. Valid values are DNS_TXT, HTTP_ROUTE, and PRIVATE_VPC.
Result Syntax
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationDetails' => [
'dnsTxt' => [
'dnsRecordName' => '<string>',
'dnsRecordType' => 'TXT',
'token' => '<string>',
],
'httpRoute' => [
'routePath' => '<string>',
'token' => '<string>',
],
'method' => 'DNS_TXT|HTTP_ROUTE|PRIVATE_VPC',
],
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'verificationStatusReason' => '<string>',
'verifiedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was created, in UTC format.
- domainName
-
- Required: Yes
- Type: string
The domain name of the target domain.
- targetDomainId
-
- Required: Yes
- Type: string
The unique identifier of the created target domain.
- verificationDetails
-
- Type: VerificationDetails structure
The verification details for the target domain, including the verification token and instructions.
- verificationStatus
-
- Required: Yes
- Type: string
The current verification status of the target domain.
- verificationStatusReason
-
- Type: string
The reason for the current target domain verification status.
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was verified, in UTC format.
Errors
There are no errors described for this operation.
CreateThreat
$result = $client->createThreat([/* ... */]); $promise = $client->createThreatAsync([/* ... */]);
Creates a new threat under a threat model job.
Parameter Syntax
$result = $client->createThreat([
'agentSpaceId' => '<string>', // REQUIRED
'anchor' => [
'id' => '<string>',
'kind' => '<string>',
'packageId' => '<string>',
],
'comments' => '<string>',
'evidence' => [
[
'packageId' => '<string>',
'path' => '<string>',
],
// ...
],
'impactedAssets' => ['<string>', ...],
'impactedGoal' => ['<string>', ...],
'prerequisites' => '<string>',
'recommendation' => '<string>',
'severity' => 'CRITICAL|HIGH|MEDIUM|LOW|INFO',
'statement' => '<string>',
'stride' => ['<string>', ...],
'threatAction' => '<string>',
'threatImpact' => '<string>',
'threatJobId' => '<string>', // REQUIRED
'threatSource' => '<string>',
'title' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- anchor
-
- Type: ThreatAnchorShape structure
The DFD element this threat is anchored to.
- comments
-
- Type: string
Optional customer comment on the threat.
- evidence
-
- Type: Array of ThreatEvidenceShape structures
The source code files supporting the threat.
- impactedAssets
-
- Type: Array of strings
The specific assets affected by the threat.
- impactedGoal
-
- Type: Array of strings
The security goals affected by the threat.
- prerequisites
-
- Type: string
The conditions required for the threat to be exploitable.
- recommendation
-
- Type: string
The recommended mitigation guidance for this threat.
- severity
-
- Type: string
The severity level of the threat.
- statement
-
- Type: string
The natural-language threat statement.
- stride
-
- Type: Array of strings
The STRIDE categories applicable to this threat.
- threatAction
-
- Type: string
What the threat source can do.
- threatImpact
-
- Type: string
The direct consequence of the threat action.
- threatJobId
-
- Required: Yes
- Type: string
The unique identifier of the threat model job the threat belongs to.
- threatSource
-
- Type: string
The actor or origin of the threat.
- title
-
- Type: string
A short title summarizing the threat.
Result Syntax
[
'anchor' => [
'id' => '<string>',
'kind' => '<string>',
'packageId' => '<string>',
],
'comments' => '<string>',
'createdAt' => <DateTime>,
'createdBy' => 'CUSTOMER|AGENT',
'evidence' => [
[
'packageId' => '<string>',
'path' => '<string>',
],
// ...
],
'impactedAssets' => ['<string>', ...],
'impactedGoal' => ['<string>', ...],
'prerequisites' => '<string>',
'recommendation' => '<string>',
'severity' => 'CRITICAL|HIGH|MEDIUM|LOW|INFO',
'statement' => '<string>',
'status' => 'OPEN|RESOLVED|DISMISSED',
'stride' => ['<string>', ...],
'threatAction' => '<string>',
'threatId' => '<string>',
'threatImpact' => '<string>',
'threatJobId' => '<string>',
'threatSource' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'updatedBy' => 'CUSTOMER|AGENT',
]
Result Details
Members
- anchor
-
- Type: ThreatAnchorShape structure
The DFD element this threat is anchored to.
- comments
-
- Type: string
Optional customer comment on the threat.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was created, in UTC format.
- createdBy
-
- Type: string
Who created this threat.
- evidence
-
- Type: Array of ThreatEvidenceShape structures
The source code files supporting the threat.
- impactedAssets
-
- Type: Array of strings
The specific assets affected by the threat.
- impactedGoal
-
- Type: Array of strings
The security goals affected by the threat.
- prerequisites
-
- Type: string
The conditions required for the threat to be exploitable.
- recommendation
-
- Type: string
The recommended mitigation guidance for this threat.
- severity
-
- Type: string
The severity level of the threat.
- statement
-
- Type: string
The natural-language threat statement.
- status
-
- Type: string
The current status of the threat.
- stride
-
- Type: Array of strings
The STRIDE categories applicable to this threat.
- threatAction
-
- Type: string
What the threat source can do.
- threatId
-
- Required: Yes
- Type: string
The unique identifier of the created threat.
- threatImpact
-
- Type: string
The direct consequence of the threat action.
- threatJobId
-
- Required: Yes
- Type: string
The unique identifier of the threat model job the threat belongs to.
- threatSource
-
- Type: string
The actor or origin of the threat.
- title
-
- Type: string
A short title summarizing the threat.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was last updated, in UTC format.
- updatedBy
-
- Type: string
Who last updated this threat.
Errors
There are no errors described for this operation.
CreateThreatModel
$result = $client->createThreatModel([/* ... */]); $promise = $client->createThreatModelAsync([/* ... */]);
Creates a new threat model configuration in an agent space. A threat model defines the parameters for automated threat analysis.
Parameter Syntax
$result = $client->createThreatModel([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'description' => '<string>',
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'reportDestination' => [
'containerId' => '<string>', // REQUIRED
'documentId' => '<string>',
'integrationId' => '<string>', // REQUIRED
'parentId' => '<string>',
],
'scopeDocs' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'serviceRole' => '<string>', // REQUIRED
'title' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to create the threat model in.
- assets
-
- Type: Assets structure
The assets to include in the threat model.
- description
-
- Type: string
A description of the application or system being threat modeled.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the threat model.
- reportDestination
-
- Type: ReportDestination structure
The destination for publishing scan reports to an integrated document provider.
- scopeDocs
-
- Type: Array of DocumentInfo structures
The scoped documents for the agent to focus on during threat modeling.
- serviceRole
-
- Required: Yes
- Type: string
The IAM service role to use for the threat model.
- title
-
- Required: Yes
- Type: string
The title of the threat model.
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'createdAt' => <DateTime>,
'description' => '<string>',
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'scopeDocs' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'serviceRole' => '<string>',
'threatModelId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space that contains the threat model.
- assets
-
- Type: Assets structure
The assets included in the threat model.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was created, in UTC format.
- description
-
- Type: string
A description of the application or system being threat modeled.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the threat model.
- scopeDocs
-
- Type: Array of DocumentInfo structures
The scoped documents for the agent to focus on during threat modeling.
- serviceRole
-
- Type: string
The IAM service role used for the threat model.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the created threat model.
- title
-
- Type: string
The title of the threat model.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was last updated, in UTC format.
Errors
There are no errors described for this operation.
DeleteAgentSpace
$result = $client->deleteAgentSpace([/* ... */]); $promise = $client->deleteAgentSpaceAsync([/* ... */]);
Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.
Parameter Syntax
$result = $client->deleteAgentSpace([
'agentSpaceId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to delete.
Result Syntax
[
'agentSpaceId' => '<string>',
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the deleted agent space.
Errors
There are no errors described for this operation.
DeleteApplication
$result = $client->deleteApplication([/* ... */]); $promise = $client->deleteApplicationAsync([/* ... */]);
Deletes an application and its associated configuration, including IAM Identity Center settings.
Parameter Syntax
$result = $client->deleteApplication([
'applicationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application to delete.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
DeleteArtifact
$result = $client->deleteArtifact([/* ... */]); $promise = $client->deleteArtifactAsync([/* ... */]);
Deletes an artifact from an agent space.
Parameter Syntax
$result = $client->deleteArtifact([
'agentSpaceId' => '<string>', // REQUIRED
'artifactId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the artifact.
- artifactId
-
- Required: Yes
- Type: string
The unique identifier of the artifact to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
DeleteIntegration
$result = $client->deleteIntegration([/* ... */]); $promise = $client->deleteIntegrationAsync([/* ... */]);
Deletes an integration with a third-party provider.
Parameter Syntax
$result = $client->deleteIntegration([
'integrationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the integration to delete.
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
DeleteMembership
$result = $client->deleteMembership([/* ... */]); $promise = $client->deleteMembershipAsync([/* ... */]);
Deletes a membership, revoking a user's access to an agent space.
Parameter Syntax
$result = $client->deleteMembership([
'agentSpaceId' => '<string>', // REQUIRED
'applicationId' => '<string>', // REQUIRED
'memberType' => 'USER',
'membershipId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to revoke access from.
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application that contains the agent space.
- memberType
-
- Type: string
The type of member to remove.
- membershipId
-
- Required: Yes
- Type: string
The unique identifier of the membership to delete.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
DeletePrivateConnection
$result = $client->deletePrivateConnection([/* ... */]); $promise = $client->deletePrivateConnectionAsync([/* ... */]);
Deletes a private connection.
Parameter Syntax
$result = $client->deletePrivateConnection([
'privateConnectionName' => '<string>', // REQUIRED
]);
Parameter Details
Members
- privateConnectionName
-
- Required: Yes
- Type: string
The name of the private connection to delete.
Result Syntax
[
'certificateExpiryTime' => <DateTime>,
'dnsResolution' => 'PUBLIC|IN_VPC',
'failureMessage' => '<string>',
'hostAddress' => '<string>',
'name' => '<string>',
'resourceConfigurationId' => '<string>',
'resourceGatewayId' => '<string>',
'status' => 'ACTIVE|CREATE_IN_PROGRESS|CREATE_FAILED|DELETE_IN_PROGRESS|DELETE_FAILED',
'tags' => ['<string>', ...],
'type' => 'SERVICE_MANAGED|SELF_MANAGED',
'vpcId' => '<string>',
]
Result Details
Members
- certificateExpiryTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the connection's certificate expires, in UTC format.
- dnsResolution
-
- Type: string
The DNS resolution mode for the resource gateway.
- failureMessage
-
- Type: string
A message describing why the private connection entered a failed state, if applicable.
- hostAddress
-
- Type: string
The IP address or DNS name of the target resource.
- name
-
- Required: Yes
- Type: string
The name of the private connection.
- resourceConfigurationId
-
- Type: string
The identifier or ARN of the VPC Lattice resource configuration.
- resourceGatewayId
-
- Type: string
The identifier or ARN of the VPC Lattice resource gateway.
- status
-
- Required: Yes
- Type: string
The current status of the private connection.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags attached to the private connection.
- type
-
- Required: Yes
- Type: string
The type of the private connection, indicating whether it is service-managed or self-managed.
- vpcId
-
- Type: string
The identifier of the VPC the resource gateway is created in.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
DeleteSecurityRequirementPack
$result = $client->deleteSecurityRequirementPack([/* ... */]); $promise = $client->deleteSecurityRequirementPackAsync([/* ... */]);
Deletes a customer managed security requirement pack and all its associated security requirements.
Parameter Syntax
$result = $client->deleteSecurityRequirementPack([
'packId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to delete.
Result Syntax
[]
Result Details
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
DeleteTargetDomain
$result = $client->deleteTargetDomain([/* ... */]); $promise = $client->deleteTargetDomainAsync([/* ... */]);
Deletes a target domain registration. After deletion, the domain can no longer be used for penetration testing.
Parameter Syntax
$result = $client->deleteTargetDomain([
'targetDomainId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- targetDomainId
-
- Required: Yes
- Type: string
The unique identifier of the target domain to delete.
Result Syntax
[
'targetDomainId' => '<string>',
]
Result Details
Members
- targetDomainId
-
- Type: string
The unique identifier of the deleted target domain.
Errors
There are no errors described for this operation.
DescribePrivateConnection
$result = $client->describePrivateConnection([/* ... */]); $promise = $client->describePrivateConnectionAsync([/* ... */]);
Retrieves the details of a private connection.
Parameter Syntax
$result = $client->describePrivateConnection([
'privateConnectionName' => '<string>', // REQUIRED
]);
Parameter Details
Members
- privateConnectionName
-
- Required: Yes
- Type: string
The name of the private connection to describe.
Result Syntax
[
'certificateExpiryTime' => <DateTime>,
'dnsResolution' => 'PUBLIC|IN_VPC',
'failureMessage' => '<string>',
'hostAddress' => '<string>',
'name' => '<string>',
'resourceConfigurationId' => '<string>',
'resourceGatewayId' => '<string>',
'status' => 'ACTIVE|CREATE_IN_PROGRESS|CREATE_FAILED|DELETE_IN_PROGRESS|DELETE_FAILED',
'tags' => ['<string>', ...],
'type' => 'SERVICE_MANAGED|SELF_MANAGED',
'vpcId' => '<string>',
]
Result Details
Members
- certificateExpiryTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the connection's certificate expires, in UTC format.
- dnsResolution
-
- Type: string
The DNS resolution mode for the resource gateway.
- failureMessage
-
- Type: string
A message describing why the private connection entered a failed state, if applicable.
- hostAddress
-
- Type: string
The IP address or DNS name of the target resource.
- name
-
- Required: Yes
- Type: string
The name of the private connection.
- resourceConfigurationId
-
- Type: string
The identifier or ARN of the VPC Lattice resource configuration.
- resourceGatewayId
-
- Type: string
The identifier or ARN of the VPC Lattice resource gateway.
- status
-
- Required: Yes
- Type: string
The current status of the private connection.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags attached to the private connection.
- type
-
- Required: Yes
- Type: string
The type of the private connection, indicating whether it is service-managed or self-managed.
- vpcId
-
- Type: string
The identifier of the VPC the resource gateway is created in.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
GetApplication
$result = $client->getApplication([/* ... */]); $promise = $client->getApplicationAsync([/* ... */]);
Retrieves information about an application.
Parameter Syntax
$result = $client->getApplication([
'applicationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application to retrieve.
Result Syntax
[
'applicationId' => '<string>',
'applicationName' => '<string>',
'defaultKmsKeyId' => '<string>',
'domain' => '<string>',
'idcConfiguration' => [
'idcApplicationArn' => '<string>',
'idcInstanceArn' => '<string>',
],
'roleArn' => '<string>',
]
Result Details
Members
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application.
- applicationName
-
- Type: string
The name of the application.
- defaultKmsKeyId
-
- Type: string
The identifier of the default AWS KMS key used to encrypt data for the application.
- domain
-
- Required: Yes
- Type: string
The domain associated with the application.
- idcConfiguration
-
- Type: IdCConfiguration structure
The IAM Identity Center configuration for the application.
- roleArn
-
- Type: string
The Amazon Resource Name (ARN) of the IAM role associated with the application.
Errors
There are no errors described for this operation.
GetArtifact
$result = $client->getArtifact([/* ... */]); $promise = $client->getArtifactAsync([/* ... */]);
Retrieves an artifact from an agent space.
Parameter Syntax
$result = $client->getArtifact([
'agentSpaceId' => '<string>', // REQUIRED
'artifactId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the artifact.
- artifactId
-
- Required: Yes
- Type: string
The unique identifier of the artifact to retrieve.
Result Syntax
[
'agentSpaceId' => '<string>',
'artifact' => [
'contents' => '<string>',
'type' => 'TXT|PNG|JPEG|MD|PDF|DOCX|DOC|JSON|YAML',
],
'artifactId' => '<string>',
'fileName' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the artifact.
- artifact
-
- Required: Yes
- Type: Artifact structure
The artifact content and type.
- artifactId
-
- Required: Yes
- Type: string
The unique identifier of the artifact.
- fileName
-
- Required: Yes
- Type: string
The file name of the artifact.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the artifact was last updated, in UTC format.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
GetIntegration
$result = $client->getIntegration([/* ... */]); $promise = $client->getIntegrationAsync([/* ... */]);
Retrieves information about an integration.
Parameter Syntax
$result = $client->getIntegration([
'integrationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the integration to retrieve.
Result Syntax
[
'displayName' => '<string>',
'installationId' => '<string>',
'integrationId' => '<string>',
'kmsKeyId' => '<string>',
'privateConnectionName' => '<string>',
'provider' => 'GITHUB|GITLAB|BITBUCKET|CONFLUENCE',
'providerType' => 'SOURCE_CODE|DOCUMENTATION',
'targetUrl' => '<string>',
]
Result Details
Members
- displayName
-
- Type: string
The display name of the integration.
- installationId
-
- Required: Yes
- Type: string
The installation identifier from the integration provider.
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the integration.
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key used to encrypt data associated with the integration.
- privateConnectionName
-
- Type: string
The name of the private connection used to reach the integration's self-hosted instance over private networking, if one is configured.
- provider
-
- Required: Yes
- Type: string
The integration provider.
- providerType
-
- Required: Yes
- Type: string
The type of the integration provider.
- targetUrl
-
- Type: string
The HTTPS URL of the customer self-hosted instance, such as a GitHub Enterprise Server or self-managed GitLab instance. This value is absent for SaaS integrations.
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
GetSecurityRequirementPack
$result = $client->getSecurityRequirementPack([/* ... */]); $promise = $client->getSecurityRequirementPackAsync([/* ... */]);
Retrieves information about a security requirement pack.
Parameter Syntax
$result = $client->getSecurityRequirementPack([
'packId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to retrieve.
Result Syntax
[
'createdAt' => <DateTime>,
'description' => '<string>',
'importStatus' => 'PENDING|IN_PROGRESS|FAILED|COMPLETED',
'kmsKeyId' => '<string>',
'managementType' => 'AWS_MANAGED|CUSTOMER_MANAGED',
'name' => '<string>',
'packId' => '<string>',
'status' => 'ENABLED|DISABLED',
'updatedAt' => <DateTime>,
'vendorName' => '<string>',
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement pack was created, in UTC format.
- description
-
- Type: string
A description of the security requirement pack.
- importStatus
-
- Type: string
The status of the security requirements import workflow for this pack.
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key used to encrypt pack contents.
- managementType
-
- Required: Yes
- Type: string
The management type of the pack. Valid values are AWS_MANAGED and CUSTOMER_MANAGED.
- name
-
- Required: Yes
- Type: string
The name of the security requirement pack.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack.
- status
-
- Required: Yes
- Type: string
The status of the security requirement pack.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement pack was last updated, in UTC format.
- vendorName
-
- Type: string
The vendor name for AWS managed packs, such as ISO or NIST.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ImportSecurityRequirements
$result = $client->importSecurityRequirements([/* ... */]); $promise = $client->importSecurityRequirementsAsync([/* ... */]);
Imports security requirements from uploaded documents into a customer managed security requirement pack. The import process asynchronously extracts and generates structured security requirements from the provided source files.
Parameter Syntax
$result = $client->importSecurityRequirements([
'input' => [ // REQUIRED
'documents' => [
[
'content' => <string || resource || Psr\Http\Message\StreamInterface>, // REQUIRED
'format' => 'MD|PDF|TXT|DOCX|DOC', // REQUIRED
'name' => '<string>', // REQUIRED
],
// ...
],
],
'packId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- input
-
- Required: Yes
- Type: ImportSource structure
The import source containing the documents to extract security requirements from.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to import requirements into.
Result Syntax
[
'importStatus' => 'PENDING|IN_PROGRESS|FAILED|COMPLETED',
'packId' => '<string>',
]
Result Details
Members
- importStatus
-
- Required: Yes
- Type: string
The status of the import workflow.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
- ServiceQuotaExceededException:
The request exceeds a service quota. Review your current usage and request a quota increase if needed.
InitiateProviderRegistration
$result = $client->initiateProviderRegistration([/* ... */]); $promise = $client->initiateProviderRegistrationAsync([/* ... */]);
Initiates the OAuth registration flow with a third-party provider. Returns a redirect URL and CSRF state token for completing the authorization.
Parameter Syntax
$result = $client->initiateProviderRegistration([
'provider' => 'GITHUB|GITLAB|BITBUCKET|CONFLUENCE', // REQUIRED
]);
Parameter Details
Members
- provider
-
- Required: Yes
- Type: string
The provider to initiate registration with. Currently, only GITHUB is supported.
Result Syntax
[
'csrfState' => '<string>',
'redirectTo' => '<string>',
]
Result Details
Members
- csrfState
-
- Required: Yes
- Type: string
The CSRF state token to use when completing the OAuth flow.
- redirectTo
-
- Required: Yes
- Type: string
The URL to redirect the user to for completing the OAuth authorization.
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ListAgentSpaces
$result = $client->listAgentSpaces([/* ... */]); $promise = $client->listAgentSpacesAsync([/* ... */]);
Returns a paginated list of agent space summaries in your account.
Parameter Syntax
$result = $client->listAgentSpaces([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'agentSpaceSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'name' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- agentSpaceSummaries
-
- Type: Array of AgentSpaceSummary structures
The list of agent space summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListApplications
$result = $client->listApplications([/* ... */]); $promise = $client->listApplicationsAsync([/* ... */]);
Returns a paginated list of application summaries in your account.
Parameter Syntax
$result = $client->listApplications([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'applicationSummaries' => [
[
'applicationId' => '<string>',
'applicationName' => '<string>',
'defaultKmsKeyId' => '<string>',
'domain' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- applicationSummaries
-
- Required: Yes
- Type: Array of ApplicationSummary structures
The list of application summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListArtifacts
$result = $client->listArtifacts([/* ... */]); $promise = $client->listArtifactsAsync([/* ... */]);
Returns a paginated list of artifact summaries for the specified agent space.
Parameter Syntax
$result = $client->listArtifacts([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to list artifacts for.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'artifactSummaries' => [
[
'artifactId' => '<string>',
'artifactType' => 'TXT|PNG|JPEG|MD|PDF|DOCX|DOC|JSON|YAML',
'fileName' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- artifactSummaries
-
- Required: Yes
- Type: Array of ArtifactSummary structures
The list of artifact summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ListCodeReviewJobTasks
$result = $client->listCodeReviewJobTasks([/* ... */]); $promise = $client->listCodeReviewJobTasksAsync([/* ... */]);
Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.
Parameter Syntax
$result = $client->listCodeReviewJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'categoryName' => '<string>',
'codeReviewJobId' => '<string>',
'maxResults' => <integer>,
'nextToken' => '<string>',
'stepName' => 'PREFLIGHT|STATIC_ANALYSIS|PENTEST|FINALIZING|VALIDATION',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- categoryName
-
- Type: string
Filter tasks by category name.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job to list tasks for.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- stepName
-
- Type: string
Filter tasks by step name.
Result Syntax
[
'codeReviewJobTaskSummaries' => [
[
'agentSpaceId' => '<string>',
'codeReviewId' => '<string>',
'codeReviewJobId' => '<string>',
'createdAt' => <DateTime>,
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'riskType' => 'CROSS_SITE_SCRIPTING|DEFAULT_CREDENTIALS|INSECURE_DIRECT_OBJECT_REFERENCE|PRIVILEGE_ESCALATION|SERVER_SIDE_TEMPLATE_INJECTION|COMMAND_INJECTION|CODE_INJECTION|SQL_INJECTION|ARBITRARY_FILE_UPLOAD|INSECURE_DESERIALIZATION|LOCAL_FILE_INCLUSION|INFORMATION_DISCLOSURE|PATH_TRAVERSAL|SERVER_SIDE_REQUEST_FORGERY|JSON_WEB_TOKEN_VULNERABILITIES|XML_EXTERNAL_ENTITY|FILE_DELETION|OTHER|GRAPHQL_VULNERABILITIES|BUSINESS_LOGIC_VULNERABILITIES|CRYPTOGRAPHIC_VULNERABILITIES|DENIAL_OF_SERVICE|FILE_ACCESS|FILE_CREATION|DATABASE_MODIFICATION|DATABASE_ACCESS|OUTBOUND_SERVICE_REQUEST|UNKNOWN',
'taskId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- codeReviewJobTaskSummaries
-
- Type: Array of CodeReviewJobTaskSummary structures
The list of code review job task summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListCodeReviewJobsForCodeReview
$result = $client->listCodeReviewJobsForCodeReview([/* ... */]); $promise = $client->listCodeReviewJobsForCodeReviewAsync([/* ... */]);
Returns a paginated list of code review job summaries for the specified code review configuration.
Parameter Syntax
$result = $client->listCodeReviewJobsForCodeReview([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review to list jobs for.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'codeReviewJobSummaries' => [
[
'codeReviewId' => '<string>',
'codeReviewJobId' => '<string>',
'createdAt' => <DateTime>,
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- codeReviewJobSummaries
-
- Type: Array of CodeReviewJobSummary structures
The list of code review job summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListCodeReviews
$result = $client->listCodeReviews([/* ... */]); $promise = $client->listCodeReviewsAsync([/* ... */]);
Returns a paginated list of code review summaries for the specified agent space.
Parameter Syntax
$result = $client->listCodeReviews([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to list code reviews for.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'codeReviewSummaries' => [
[
'agentSpaceId' => '<string>',
'codeReviewId' => '<string>',
'createdAt' => <DateTime>,
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- codeReviewSummaries
-
- Type: Array of CodeReviewSummary structures
The list of code review summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListDiscoveredEndpoints
$result = $client->listDiscoveredEndpoints([/* ... */]); $promise = $client->listDiscoveredEndpointsAsync([/* ... */]);
Returns a paginated list of endpoints discovered during a pentest job execution.
Parameter Syntax
$result = $client->listDiscoveredEndpoints([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
'pentestJobId' => '<string>', // REQUIRED
'prefix' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- pentestJobId
-
- Required: Yes
- Type: string
The unique identifier of the pentest job to list discovered endpoints for.
- prefix
-
- Type: string
A prefix to filter discovered endpoints by URI.
Result Syntax
[
'discoveredEndpoints' => [
[
'agentSpaceId' => '<string>',
'description' => '<string>',
'evidence' => '<string>',
'operation' => '<string>',
'pentestJobId' => '<string>',
'taskId' => '<string>',
'uri' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- discoveredEndpoints
-
- Type: Array of DiscoveredEndpoint structures
The list of discovered endpoints.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListFindings
$result = $client->listFindings([/* ... */]); $promise = $client->listFindingsAsync([/* ... */]);
Lists the security findings for a pentest job.
Parameter Syntax
$result = $client->listFindings([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewJobId' => '<string>',
'confidence' => 'FALSE_POSITIVE|UNCONFIRMED|LOW|MEDIUM|HIGH',
'maxResults' => <integer>,
'name' => '<string>',
'nextToken' => '<string>',
'pentestJobId' => '<string>',
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'riskType' => '<string>',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job to list findings for. Mutually exclusive with pentestJobId.
- confidence
-
- Type: string
Filter findings by confidence level.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- name
-
- Type: string
Filter findings by name.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job to list findings for.
- riskLevel
-
- Type: string
Filter findings by risk level.
- riskType
-
- Type: string
Filter findings by risk type.
- status
-
- Type: string
Filter findings by status.
Result Syntax
[
'findingsSummaries' => [
[
'agentSpaceId' => '<string>',
'codeReviewId' => '<string>',
'codeReviewJobId' => '<string>',
'confidence' => 'FALSE_POSITIVE|UNCONFIRMED|LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'findingId' => '<string>',
'name' => '<string>',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'riskType' => '<string>',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
'updatedAt' => <DateTime>,
'validationStatus' => 'CONFIRMED|NOT_REPRODUCED|VALIDATION_FAILED|VALIDATING|NOT_VALIDATED',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- findingsSummaries
-
- Type: Array of FindingSummary structures
The list of finding summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListIntegratedResources
$result = $client->listIntegratedResources([/* ... */]); $promise = $client->listIntegratedResourcesAsync([/* ... */]);
Lists the integrated resources for an agent space, optionally filtered by integration or resource type.
Parameter Syntax
$result = $client->listIntegratedResources([
'agentSpaceId' => '<string>', // REQUIRED
'integrationId' => '<string>',
'maxResults' => <integer>,
'nextToken' => '<string>',
'resourceType' => 'CODE_REPOSITORY|DOCUMENT',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to list integrated resources for.
- integrationId
-
- Type: string
The unique identifier of the integration to filter by.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- resourceType
-
- Type: string
The type of resource to filter by.
Result Syntax
[
'integratedResourceSummaries' => [
[
'capabilities' => [
'bitbucket' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
'confluence' => [
'createDocument' => true || false,
'fetchDocument' => true || false,
'updateDocument' => true || false,
],
'github' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
'gitlab' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
],
'integrationId' => '<string>',
'resource' => [
'bitbucketRepository' => [
'accessType' => 'PRIVATE|PUBLIC',
'name' => '<string>',
'providerResourceId' => '<string>',
'workspace' => '<string>',
],
'confluenceDocument' => [
'name' => '<string>',
'pageId' => '<string>',
'providerResourceId' => '<string>',
'spaceKey' => '<string>',
'spaceTitle' => '<string>',
'title' => '<string>',
],
'githubRepository' => [
'accessType' => 'PRIVATE|PUBLIC',
'name' => '<string>',
'owner' => '<string>',
'providerResourceId' => '<string>',
],
'gitlabRepository' => [
'accessType' => 'PRIVATE|PUBLIC',
'name' => '<string>',
'namespace' => '<string>',
'providerResourceId' => '<string>',
],
],
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- integratedResourceSummaries
-
- Required: Yes
- Type: Array of IntegratedResourceSummary structures
The list of integrated resource summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ListIntegrations
$result = $client->listIntegrations([/* ... */]); $promise = $client->listIntegrationsAsync([/* ... */]);
Lists the integrations in your account, optionally filtered by provider or provider type.
Parameter Syntax
$result = $client->listIntegrations([
'filter' => [
'provider' => 'GITHUB|GITLAB|BITBUCKET|CONFLUENCE',
'providerType' => 'SOURCE_CODE|DOCUMENTATION',
],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- filter
-
- Type: IntegrationFilter structure
A filter to apply to the list of integrations.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'integrationSummaries' => [
[
'displayName' => '<string>',
'installationId' => '<string>',
'integrationId' => '<string>',
'privateConnectionName' => '<string>',
'provider' => 'GITHUB|GITLAB|BITBUCKET|CONFLUENCE',
'providerType' => 'SOURCE_CODE|DOCUMENTATION',
'targetUrl' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- integrationSummaries
-
- Required: Yes
- Type: Array of IntegrationSummary structures
The list of integration summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ListMemberships
$result = $client->listMemberships([/* ... */]); $promise = $client->listMembershipsAsync([/* ... */]);
Returns a paginated list of membership summaries for the specified agent space within an application.
Parameter Syntax
$result = $client->listMemberships([
'agentSpaceId' => '<string>', // REQUIRED
'applicationId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'memberType' => 'USER|ALL',
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to list memberships for.
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application that contains the agent space.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- memberType
-
- Type: string
Filter memberships by member type.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'membershipSummaries' => [
[
'agentSpaceId' => '<string>',
'applicationId' => '<string>',
'config' => [
'user' => [
'role' => 'MEMBER',
],
],
'createdAt' => <DateTime>,
'createdBy' => '<string>',
'memberType' => 'USER',
'membershipId' => '<string>',
'metadata' => [
'user' => [
'email' => '<string>',
'username' => '<string>',
],
],
'updatedAt' => <DateTime>,
'updatedBy' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- membershipSummaries
-
- Required: Yes
- Type: Array of MembershipSummary structures
The list of membership summaries.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Errors
There are no errors described for this operation.
ListPentestJobTasks
$result = $client->listPentestJobTasks([/* ... */]); $promise = $client->listPentestJobTasksAsync([/* ... */]);
Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.
Parameter Syntax
$result = $client->listPentestJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'categoryName' => '<string>',
'maxResults' => <integer>,
'nextToken' => '<string>',
'pentestJobId' => '<string>',
'stepName' => 'PREFLIGHT|STATIC_ANALYSIS|PENTEST|FINALIZING|VALIDATION',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- categoryName
-
- Type: string
Filter tasks by category name.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job to list tasks for.
- stepName
-
- Type: string
Filter tasks by step name. Valid values include PREFLIGHT, STATIC_ANALYSIS, PENTEST, VALIDATION, and FINALIZING.
Result Syntax
[
'nextToken' => '<string>',
'taskSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'riskType' => 'CROSS_SITE_SCRIPTING|DEFAULT_CREDENTIALS|INSECURE_DIRECT_OBJECT_REFERENCE|PRIVILEGE_ESCALATION|SERVER_SIDE_TEMPLATE_INJECTION|COMMAND_INJECTION|CODE_INJECTION|SQL_INJECTION|ARBITRARY_FILE_UPLOAD|INSECURE_DESERIALIZATION|LOCAL_FILE_INCLUSION|INFORMATION_DISCLOSURE|PATH_TRAVERSAL|SERVER_SIDE_REQUEST_FORGERY|JSON_WEB_TOKEN_VULNERABILITIES|XML_EXTERNAL_ENTITY|FILE_DELETION|OTHER|GRAPHQL_VULNERABILITIES|BUSINESS_LOGIC_VULNERABILITIES|CRYPTOGRAPHIC_VULNERABILITIES|DENIAL_OF_SERVICE|FILE_ACCESS|FILE_CREATION|DATABASE_MODIFICATION|DATABASE_ACCESS|OUTBOUND_SERVICE_REQUEST|UNKNOWN',
'taskId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- taskSummaries
-
- Type: Array of TaskSummary structures
The list of task summaries.
Errors
There are no errors described for this operation.
ListPentestJobsForPentest
$result = $client->listPentestJobsForPentest([/* ... */]); $promise = $client->listPentestJobsForPentestAsync([/* ... */]);
Returns a paginated list of pentest job summaries for the specified pentest configuration.
Parameter Syntax
$result = $client->listPentestJobsForPentest([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
'pentestId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- pentestId
-
- Required: Yes
- Type: string
The unique identifier of the pentest to list jobs for.
Result Syntax
[
'nextToken' => '<string>',
'pentestJobSummaries' => [
[
'createdAt' => <DateTime>,
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- pentestJobSummaries
-
- Type: Array of PentestJobSummary structures
The list of pentest job summaries.
Errors
There are no errors described for this operation.
ListPentests
$result = $client->listPentests([/* ... */]); $promise = $client->listPentestsAsync([/* ... */]);
Returns a paginated list of pentest summaries for the specified agent space.
Parameter Syntax
$result = $client->listPentests([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to list pentests for.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'nextToken' => '<string>',
'pentestSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'pentestId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- pentestSummaries
-
- Type: Array of PentestSummary structures
The list of pentest summaries.
Errors
There are no errors described for this operation.
ListPrivateConnections
$result = $client->listPrivateConnections([/* ... */]); $promise = $client->listPrivateConnectionsAsync([/* ... */]);
Lists the private connections in your account.
Parameter Syntax
$result = $client->listPrivateConnections([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of private connections to return in a single response.
- nextToken
-
- Type: string
The token for the next page of results.
Result Syntax
[
'nextToken' => '<string>',
'privateConnections' => [
[
'certificateExpiryTime' => <DateTime>,
'dnsResolution' => 'PUBLIC|IN_VPC',
'failureMessage' => '<string>',
'hostAddress' => '<string>',
'name' => '<string>',
'resourceConfigurationId' => '<string>',
'resourceGatewayId' => '<string>',
'status' => 'ACTIVE|CREATE_IN_PROGRESS|CREATE_FAILED|DELETE_IN_PROGRESS|DELETE_FAILED',
'tags' => ['<string>', ...],
'type' => 'SERVICE_MANAGED|SELF_MANAGED',
'vpcId' => '<string>',
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
The token to use to retrieve the next page of results, if more results are available.
- privateConnections
-
- Required: Yes
- Type: Array of PrivateConnectionSummary structures
The list of private connections.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ListSecurityRequirementPacks
$result = $client->listSecurityRequirementPacks([/* ... */]); $promise = $client->listSecurityRequirementPacksAsync([/* ... */]);
Lists all security requirement packs in the caller's account.
Parameter Syntax
$result = $client->listSecurityRequirementPacks([
'filter' => [
'managementType' => 'AWS_MANAGED|CUSTOMER_MANAGED',
'status' => 'ENABLED|DISABLED',
],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- filter
-
- Type: ListSecurityRequirementPackFilter structure
The filter criteria for listing security requirement packs.
- maxResults
-
- Type: int
The maximum number of results to return in a single request.
- nextToken
-
- Type: string
The pagination token from a previous request to retrieve the next page of results.
Result Syntax
[
'nextToken' => '<string>',
'securityRequirementPackSummaries' => [
[
'createdAt' => <DateTime>,
'description' => '<string>',
'managementType' => 'AWS_MANAGED|CUSTOMER_MANAGED',
'name' => '<string>',
'packId' => '<string>',
'status' => 'ENABLED|DISABLED',
'updatedAt' => <DateTime>,
'vendorName' => '<string>',
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
The pagination token to use in a subsequent request to retrieve the next page of results.
- securityRequirementPackSummaries
-
- Required: Yes
- Type: Array of SecurityRequirementPackSummary structures
The list of security requirement pack summaries.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ListSecurityRequirements
$result = $client->listSecurityRequirements([/* ... */]); $promise = $client->listSecurityRequirementsAsync([/* ... */]);
Lists security requirements within a pack.
Parameter Syntax
$result = $client->listSecurityRequirements([
'maxResults' => <integer>,
'nextToken' => '<string>',
'packId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to return in a single request.
- nextToken
-
- Type: string
The pagination token from a previous request to retrieve the next page of results.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to list requirements for.
Result Syntax
[
'nextToken' => '<string>',
'securityRequirementSummaries' => [
[
'createdAt' => <DateTime>,
'description' => '<string>',
'name' => '<string>',
'packId' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
The pagination token to use in a subsequent request to retrieve the next page of results.
- securityRequirementSummaries
-
- Required: Yes
- Type: Array of SecurityRequirementSummary structures
The list of security requirement summaries.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
ListTagsForResource
$result = $client->listTagsForResource([/* ... */]); $promise = $client->listTagsForResourceAsync([/* ... */]);
Returns the tags associated with the specified resource.
Parameter Syntax
$result = $client->listTagsForResource([
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the resource to list tags for.
Result Syntax
[
'tags' => ['<string>', ...],
]
Result Details
Members
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags associated with the resource.
Errors
There are no errors described for this operation.
ListTargetDomains
$result = $client->listTargetDomains([/* ... */]); $promise = $client->listTargetDomainsAsync([/* ... */]);
Returns a paginated list of target domain summaries in your account.
Parameter Syntax
$result = $client->listTargetDomains([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
Result Syntax
[
'nextToken' => '<string>',
'targetDomainSummaries' => [
[
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response. Set the value of this parameter to null for the first request. For subsequent calls, use the nextToken value returned from the previous request.
- targetDomainSummaries
-
- Type: Array of TargetDomainSummary structures
The list of target domain summaries.
Errors
There are no errors described for this operation.
ListThreatModelJobTasks
$result = $client->listThreatModelJobTasks([/* ... */]); $promise = $client->listThreatModelJobTasksAsync([/* ... */]);
Returns a paginated list of task summaries for the specified threat model job.
Parameter Syntax
$result = $client->listThreatModelJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
'threatModelJobId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
- threatModelJobId
-
- Required: Yes
- Type: string
The unique identifier of the threat model job to list tasks for.
Result Syntax
[
'nextToken' => '<string>',
'threatModelJobTaskSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'taskId' => '<string>',
'threatModelId' => '<string>',
'threatModelJobId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
- threatModelJobTaskSummaries
-
- Type: Array of ThreatModelJobTaskSummary structures
The list of threat model job task summaries.
Errors
There are no errors described for this operation.
ListThreatModelJobs
$result = $client->listThreatModelJobs([/* ... */]); $promise = $client->listThreatModelJobsAsync([/* ... */]);
Returns a paginated list of threat model job summaries for the specified threat model.
Parameter Syntax
$result = $client->listThreatModelJobs([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
'threatModelId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the threat model to list jobs for.
Result Syntax
[
'nextToken' => '<string>',
'threatModelJobSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'threatModelId' => '<string>',
'threatModelJobId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
- threatModelJobSummaries
-
- Type: Array of ThreatModelJobSummary structures
The list of threat model job summaries.
Errors
There are no errors described for this operation.
ListThreatModels
$result = $client->listThreatModels([/* ... */]); $promise = $client->listThreatModelsAsync([/* ... */]);
Returns a paginated list of threat model summaries for the specified agent space.
Parameter Syntax
$result = $client->listThreatModels([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to list threat models for.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
Result Syntax
[
'nextToken' => '<string>',
'threatModelSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'threatModelId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
- threatModelSummaries
-
- Type: Array of ThreatModelSummary structures
The list of threat model summaries.
Errors
There are no errors described for this operation.
ListThreats
$result = $client->listThreats([/* ... */]); $promise = $client->listThreatsAsync([/* ... */]);
Returns a paginated list of threats for a threat model job.
Parameter Syntax
$result = $client->listThreats([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
'threatJobId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- maxResults
-
- Type: int
The maximum number of results to return in a single call.
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
- threatJobId
-
- Required: Yes
- Type: string
The unique identifier of the threat model job to list threats for.
Result Syntax
[
'nextToken' => '<string>',
'threats' => [
[
'createdAt' => <DateTime>,
'createdBy' => 'CUSTOMER|AGENT',
'severity' => 'CRITICAL|HIGH|MEDIUM|LOW|INFO',
'statement' => '<string>',
'status' => 'OPEN|RESOLVED|DISMISSED',
'stride' => ['<string>', ...],
'threatId' => '<string>',
'threatJobId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'updatedBy' => 'CUSTOMER|AGENT',
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
A token to use for paginating results that are returned in the response.
- threats
-
- Type: Array of ThreatSummary structures
The list of threat summaries.
Errors
There are no errors described for this operation.
StartCodeRemediation
$result = $client->startCodeRemediation([/* ... */]); $promise = $client->startCodeRemediationAsync([/* ... */]);
Initiates code remediation for one or more security findings. This creates pull requests in integrated repositories to fix the identified vulnerabilities.
Parameter Syntax
$result = $client->startCodeRemediation([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewJobId' => '<string>',
'findingIds' => ['<string>', ...], // REQUIRED
'pentestJobId' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job that produced the findings. Mutually exclusive with
pentestJobId. - findingIds
-
- Required: Yes
- Type: Array of strings
The list of finding identifiers to initiate code remediation for.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job that produced the findings. Mutually exclusive with
codeReviewJobId.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
StartCodeReviewJob
$result = $client->startCodeReviewJob([/* ... */]); $promise = $client->startCodeReviewJobAsync([/* ... */]);
Starts a new code review job for a code review configuration. The job executes the security-focused code analysis defined in the code review.
Parameter Syntax
$result = $client->startCodeReviewJob([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewId' => '<string>', // REQUIRED
'diffSource' => [
's3Uri' => '<string>',
],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review to start a job for.
- diffSource
-
- Type: DiffSource structure
Source of the diff for a differential scan. When present, the job analyzes only the changed lines instead of performing a full scan.
Result Syntax
[
'agentSpaceId' => '<string>',
'codeReviewId' => '<string>',
'codeReviewJobId' => '<string>',
'createdAt' => <DateTime>,
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review.
- codeReviewJobId
-
- Required: Yes
- Type: string
The unique identifier of the started code review job.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review job was created, in UTC format.
- status
-
- Type: string
The current status of the code review job.
- title
-
- Type: string
The title of the code review job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review job was last updated, in UTC format.
Errors
There are no errors described for this operation.
StartPentestJob
$result = $client->startPentestJob([/* ... */]); $promise = $client->startPentestJobAsync([/* ... */]);
Starts a new pentest job for a pentest configuration. The job executes the security tests defined in the pentest.
Parameter Syntax
$result = $client->startPentestJob([
'agentSpaceId' => '<string>', // REQUIRED
'pentestId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- pentestId
-
- Required: Yes
- Type: string
The unique identifier of the pentest to start a job for.
Result Syntax
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest job was created, in UTC format.
- pentestId
-
- Type: string
The unique identifier of the pentest.
- pentestJobId
-
- Type: string
The unique identifier of the started pentest job.
- status
-
- Type: string
The current status of the pentest job.
- title
-
- Type: string
The title of the pentest job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest job was last updated, in UTC format.
Errors
There are no errors described for this operation.
StartThreatModelJob
$result = $client->startThreatModelJob([/* ... */]); $promise = $client->startThreatModelJobAsync([/* ... */]);
Starts a new threat model job for a threat model configuration.
Parameter Syntax
$result = $client->startThreatModelJob([
'agentSpaceId' => '<string>', // REQUIRED
'threatModelId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the threat model to start a job for.
Result Syntax
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'threatModelId' => '<string>',
'threatModelJobId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job was created, in UTC format.
- status
-
- Type: string
The current status of the threat model job.
- threatModelId
-
- Type: string
The unique identifier of the threat model.
- threatModelJobId
-
- Required: Yes
- Type: string
The unique identifier of the started threat model job.
- title
-
- Type: string
The title of the threat model job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job was last updated, in UTC format.
Errors
There are no errors described for this operation.
StopCodeReviewJob
$result = $client->stopCodeReviewJob([/* ... */]); $promise = $client->stopCodeReviewJobAsync([/* ... */]);
Stops a running code review job. The job transitions to a stopping state and then to stopped after cleanup completes.
Parameter Syntax
$result = $client->stopCodeReviewJob([
'agentSpaceId' => '<string>', // REQUIRED
'codeReviewJobId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- codeReviewJobId
-
- Required: Yes
- Type: string
The unique identifier of the code review job to stop.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
StopPentestJob
$result = $client->stopPentestJob([/* ... */]); $promise = $client->stopPentestJobAsync([/* ... */]);
Stops a running pentest job. The job transitions to a stopping state and then to stopped after cleanup completes.
Parameter Syntax
$result = $client->stopPentestJob([
'agentSpaceId' => '<string>', // REQUIRED
'pentestJobId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- pentestJobId
-
- Required: Yes
- Type: string
The unique identifier of the pentest job to stop.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
StopThreatModelJob
$result = $client->stopThreatModelJob([/* ... */]); $promise = $client->stopThreatModelJobAsync([/* ... */]);
Stops a running threat model job.
Parameter Syntax
$result = $client->stopThreatModelJob([
'agentSpaceId' => '<string>', // REQUIRED
'threatModelJobId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- threatModelJobId
-
- Required: Yes
- Type: string
The unique identifier of the threat model job to stop.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
TagResource
$result = $client->tagResource([/* ... */]); $promise = $client->tagResourceAsync([/* ... */]);
Adds tags to a resource.
Parameter Syntax
$result = $client->tagResource([
'resourceArn' => '<string>', // REQUIRED
'tags' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the resource to tag.
- tags
-
- Required: Yes
- Type: Associative array of custom strings keys (TagKey) to strings
The tags to add to the resource.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
UntagResource
$result = $client->untagResource([/* ... */]); $promise = $client->untagResourceAsync([/* ... */]);
Removes tags from a resource.
Parameter Syntax
$result = $client->untagResource([
'resourceArn' => '<string>', // REQUIRED
'tagKeys' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the resource to remove tags from.
- tagKeys
-
- Required: Yes
- Type: Array of strings
The list of tag keys to remove from the resource.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
UpdateAgentSpace
$result = $client->updateAgentSpace([/* ... */]); $promise = $client->updateAgentSpaceAsync([/* ... */]);
Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.
Parameter Syntax
$result = $client->updateAgentSpace([
'agentSpaceId' => '<string>', // REQUIRED
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false, // REQUIRED
'generalPurposeScanning' => true || false, // REQUIRED
],
'description' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space to update.
- awsResources
-
- Type: AWSResources structure
The updated AWS resources to associate with the agent space.
- codeReviewSettings
-
- Type: CodeReviewSettings structure
The updated code review settings for the agent space.
- description
-
- Type: string
The updated description of the agent space.
- name
-
- Type: string
The updated name of the agent space.
- targetDomainIds
-
- Type: Array of strings
The updated list of target domain identifiers to associate with the agent space.
Result Syntax
[
'agentSpaceId' => '<string>',
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false,
'generalPurposeScanning' => true || false,
],
'createdAt' => <DateTime>,
'description' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the updated agent space.
- awsResources
-
- Type: AWSResources structure
The AWS resources associated with the agent space.
- codeReviewSettings
-
- Type: CodeReviewSettings structure
The code review settings for the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was created, in UTC format.
- description
-
- Type: string
The description of the agent space.
- name
-
- Required: Yes
- Type: string
The name of the agent space.
- targetDomainIds
-
- Type: Array of strings
The list of target domain identifiers associated with the agent space.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was last updated, in UTC format.
Errors
There are no errors described for this operation.
UpdateApplication
$result = $client->updateApplication([/* ... */]); $promise = $client->updateApplicationAsync([/* ... */]);
Updates the configuration of an existing application, including the IAM role and default KMS key.
Parameter Syntax
$result = $client->updateApplication([
'applicationId' => '<string>', // REQUIRED
'defaultKmsKeyId' => '<string>',
'roleArn' => '<string>',
]);
Parameter Details
Members
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application to update.
- defaultKmsKeyId
-
- Type: string
The updated identifier of the default AWS KMS key for the application.
- roleArn
-
- Type: string
The updated Amazon Resource Name (ARN) of the IAM role for the application.
Result Syntax
[
'applicationId' => '<string>',
]
Result Details
Members
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the updated application.
Errors
There are no errors described for this operation.
UpdateCodeReview
$result = $client->updateCodeReview([/* ... */]); $promise = $client->updateCodeReviewAsync([/* ... */]);
Updates an existing code review configuration.
Parameter Syntax
$result = $client->updateCodeReview([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'codeReviewId' => '<string>', // REQUIRED
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'serviceRole' => '<string>',
'title' => '<string>',
'validationMode' => 'DISABLED|SIMULATED',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the code review.
- assets
-
- Type: Assets structure
The updated assets for the code review.
- codeRemediationStrategy
-
- Type: string
The updated code remediation strategy for the code review.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review to update.
- logConfig
-
- Type: CloudWatchLog structure
The updated CloudWatch Logs configuration for the code review.
- serviceRole
-
- Type: string
The updated IAM service role for the code review.
- title
-
- Type: string
The updated title of the code review.
- validationMode
-
- Type: string
The updated validation mode for the code review. Valid values are SIMULATED and DISABLED.
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'codeReviewId' => '<string>',
'createdAt' => <DateTime>,
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'validationMode' => 'DISABLED|SIMULATED',
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space that contains the code review.
- assets
-
- Type: Assets structure
The assets included in the code review.
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the code review.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was created, in UTC format.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the code review.
- serviceRole
-
- Type: string
The IAM service role used for the code review.
- title
-
- Type: string
The title of the code review.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was last updated, in UTC format.
- validationMode
-
- Type: string
The validation mode for the code review.
Errors
There are no errors described for this operation.
UpdateFinding
$result = $client->updateFinding([/* ... */]); $promise = $client->updateFindingAsync([/* ... */]);
Updates the status or risk level of a security finding.
Parameter Syntax
$result = $client->updateFinding([
'agentSpaceId' => '<string>', // REQUIRED
'attackScript' => '<string>',
'customerNote' => '<string>',
'description' => '<string>',
'findingId' => '<string>', // REQUIRED
'name' => '<string>',
'reasoning' => '<string>',
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'riskScore' => '<string>',
'riskType' => '<string>',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the finding.
- attackScript
-
- Type: string
The updated attack script for the finding.
- customerNote
-
- Type: string
A customer-provided note on the finding.
- description
-
- Type: string
The updated description for the finding.
- findingId
-
- Required: Yes
- Type: string
The unique identifier of the finding to update.
- name
-
- Type: string
The updated name for the finding.
- reasoning
-
- Type: string
The updated reasoning for the finding.
- riskLevel
-
- Type: string
The updated risk level for the finding.
- riskScore
-
- Type: string
The updated numerical risk score for the finding.
- riskType
-
- Type: string
The updated risk type for the finding.
- status
-
- Type: string
The updated status for the finding.
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
UpdateIntegratedResources
$result = $client->updateIntegratedResources([/* ... */]); $promise = $client->updateIntegratedResourcesAsync([/* ... */]);
Updates the integrated resources for an agent space, including their capabilities.
Parameter Syntax
$result = $client->updateIntegratedResources([
'agentSpaceId' => '<string>', // REQUIRED
'integrationId' => '<string>', // REQUIRED
'items' => [ // REQUIRED
[
'capabilities' => [
'bitbucket' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
'confluence' => [
'createDocument' => true || false,
'fetchDocument' => true || false,
'updateDocument' => true || false,
],
'github' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
'gitlab' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
],
'resource' => [ // REQUIRED
'bitbucketRepository' => [
'name' => '<string>', // REQUIRED
'workspace' => '<string>', // REQUIRED
],
'confluenceDocument' => [
'name' => '<string>', // REQUIRED
'pageId' => '<string>', // REQUIRED
'spaceKey' => '<string>', // REQUIRED
'spaceTitle' => '<string>',
'title' => '<string>',
],
'githubRepository' => [
'name' => '<string>', // REQUIRED
'owner' => '<string>', // REQUIRED
],
'gitlabRepository' => [
'name' => '<string>', // REQUIRED
'namespace' => '<string>', // REQUIRED
],
],
],
// ...
],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the integration.
- items
-
- Required: Yes
- Type: Array of IntegratedResourceInputItem structures
The list of integrated resource items to update.
Result Syntax
[]
Result Details
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
UpdatePentest
$result = $client->updatePentest([/* ... */]); $promise = $client->updatePentestAsync([/* ... */]);
Updates an existing pentest configuration.
Parameter Syntax
$result = $client->updatePentest([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'disableManagedSkills' => ['<string>', ...],
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'pentestId' => '<string>', // REQUIRED
'serviceRole' => '<string>',
'title' => '<string>',
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the pentest.
- assets
-
- Type: Assets structure
The updated assets for the pentest.
- codeRemediationStrategy
-
- Type: string
The updated code remediation strategy for the pentest.
- disableManagedSkills
-
- Type: Array of strings
The updated list of managed skills to disable for this pentest. Valid values include FINDING_PERSONALIZATION and LOGIN_OPTIMIZATION.
- excludeRiskTypes
-
- Type: Array of strings
The updated list of risk types to exclude from the pentest.
- logConfig
-
- Type: CloudWatchLog structure
The updated CloudWatch Logs configuration for the pentest.
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
The updated network traffic configuration for the pentest.
- pentestId
-
- Required: Yes
- Type: string
The unique identifier of the pentest to update.
- serviceRole
-
- Type: string
The updated IAM service role for the pentest.
- title
-
- Type: string
The updated title of the pentest.
- vpcConfig
-
- Type: VpcConfig structure
The updated VPC configuration for the pentest.
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'createdAt' => <DateTime>,
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space that contains the pentest.
- assets
-
- Type: Assets structure
The assets included in the pentest.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was created, in UTC format.
- excludeRiskTypes
-
- Type: Array of strings
The list of risk types excluded from the pentest.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the pentest.
- pentestId
-
- Type: string
The unique identifier of the pentest.
- serviceRole
-
- Type: string
The IAM service role used for the pentest.
- title
-
- Type: string
The title of the pentest.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was last updated, in UTC format.
Errors
There are no errors described for this operation.
UpdatePrivateConnectionCertificate
$result = $client->updatePrivateConnectionCertificate([/* ... */]); $promise = $client->updatePrivateConnectionCertificateAsync([/* ... */]);
Updates the certificate associated with a private connection. Certificates can be added or replaced but not removed.
Parameter Syntax
$result = $client->updatePrivateConnectionCertificate([
'certificate' => '<string>', // REQUIRED
'privateConnectionName' => '<string>', // REQUIRED
]);
Parameter Details
Members
- certificate
-
- Required: Yes
- Type: string
The PEM-encoded certificate chain for the private connection.
- privateConnectionName
-
- Required: Yes
- Type: string
The name of the private connection to update.
Result Syntax
[
'certificateExpiryTime' => <DateTime>,
'dnsResolution' => 'PUBLIC|IN_VPC',
'failureMessage' => '<string>',
'hostAddress' => '<string>',
'name' => '<string>',
'resourceConfigurationId' => '<string>',
'resourceGatewayId' => '<string>',
'status' => 'ACTIVE|CREATE_IN_PROGRESS|CREATE_FAILED|DELETE_IN_PROGRESS|DELETE_FAILED',
'tags' => ['<string>', ...],
'type' => 'SERVICE_MANAGED|SELF_MANAGED',
'vpcId' => '<string>',
]
Result Details
Members
- certificateExpiryTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the connection's certificate expires, in UTC format.
- dnsResolution
-
- Type: string
The DNS resolution mode for the resource gateway.
- failureMessage
-
- Type: string
A message describing why the private connection entered a failed state, if applicable.
- hostAddress
-
- Type: string
The IP address or DNS name of the target resource.
- name
-
- Required: Yes
- Type: string
The name of the private connection.
- resourceConfigurationId
-
- Type: string
The identifier or ARN of the VPC Lattice resource configuration.
- resourceGatewayId
-
- Type: string
The identifier or ARN of the VPC Lattice resource gateway.
- status
-
- Required: Yes
- Type: string
The current status of the private connection.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags attached to the private connection.
- type
-
- Required: Yes
- Type: string
The type of the private connection, indicating whether it is service-managed or self-managed.
- vpcId
-
- Type: string
The identifier of the VPC the resource gateway is created in.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
UpdateSecurityRequirementPack
$result = $client->updateSecurityRequirementPack([/* ... */]); $promise = $client->updateSecurityRequirementPackAsync([/* ... */]);
Updates a security requirement pack. For customer managed packs, both metadata and status can be updated. For AWS managed packs, only status can be updated.
Parameter Syntax
$result = $client->updateSecurityRequirementPack([
'description' => '<string>',
'name' => '<string>',
'packId' => '<string>', // REQUIRED
'status' => 'ENABLED|DISABLED',
]);
Parameter Details
Members
- description
-
- Type: string
The updated description of the security requirement pack.
- name
-
- Type: string
The updated name of the security requirement pack.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack to update.
- status
-
- Type: string
The updated status of the security requirement pack.
Result Syntax
[
'description' => '<string>',
'name' => '<string>',
'packId' => '<string>',
'status' => 'ENABLED|DISABLED',
]
Result Details
Members
- description
-
- Type: string
The description of the security requirement pack.
- name
-
- Type: string
The name of the security requirement pack.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack.
- status
-
- Type: string
The status of the security requirement pack.
Errors
- ValidationException:
The input fails to satisfy the constraints specified by the service.
- InternalServerException:
An unexpected error occurred during the processing of your request.
- ResourceNotFoundException:
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
- ConflictException:
The request could not be completed due to a conflict with the current state of the resource.
- ThrottlingException:
The request was denied due to request throttling.
- AccessDeniedException:
You do not have sufficient access to perform this action.
UpdateTargetDomain
$result = $client->updateTargetDomain([/* ... */]); $promise = $client->updateTargetDomainAsync([/* ... */]);
Updates the verification method for a target domain.
Parameter Syntax
$result = $client->updateTargetDomain([
'targetDomainId' => '<string>', // REQUIRED
'verificationMethod' => 'DNS_TXT|HTTP_ROUTE|PRIVATE_VPC', // REQUIRED
]);
Parameter Details
Members
- targetDomainId
-
- Required: Yes
- Type: string
The unique identifier of the target domain to update.
- verificationMethod
-
- Required: Yes
- Type: string
The updated verification method for the target domain.
Result Syntax
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationDetails' => [
'dnsTxt' => [
'dnsRecordName' => '<string>',
'dnsRecordType' => 'TXT',
'token' => '<string>',
],
'httpRoute' => [
'routePath' => '<string>',
'token' => '<string>',
],
'method' => 'DNS_TXT|HTTP_ROUTE|PRIVATE_VPC',
],
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'verificationStatusReason' => '<string>',
'verifiedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was created, in UTC format.
- domainName
-
- Required: Yes
- Type: string
The domain name of the target domain.
- targetDomainId
-
- Required: Yes
- Type: string
The unique identifier of the target domain.
- verificationDetails
-
- Type: VerificationDetails structure
The updated verification details for the target domain.
- verificationStatus
-
- Required: Yes
- Type: string
The current verification status of the target domain.
- verificationStatusReason
-
- Type: string
The reason for the current target domain verification status.
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was verified, in UTC format.
Errors
There are no errors described for this operation.
UpdateThreat
$result = $client->updateThreat([/* ... */]); $promise = $client->updateThreatAsync([/* ... */]);
Updates a threat.
Parameter Syntax
$result = $client->updateThreat([
'agentSpaceId' => '<string>', // REQUIRED
'anchor' => [
'id' => '<string>',
'kind' => '<string>',
'packageId' => '<string>',
],
'comments' => '<string>',
'evidence' => [
[
'packageId' => '<string>',
'path' => '<string>',
],
// ...
],
'impactedAssets' => ['<string>', ...],
'impactedGoal' => ['<string>', ...],
'prerequisites' => '<string>',
'recommendation' => '<string>',
'severity' => 'CRITICAL|HIGH|MEDIUM|LOW|INFO',
'statement' => '<string>',
'status' => 'OPEN|RESOLVED|DISMISSED',
'threatAction' => '<string>',
'threatId' => '<string>', // REQUIRED
'threatImpact' => '<string>',
'threatSource' => '<string>',
'title' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- anchor
-
- Type: ThreatAnchorShape structure
The updated DFD element this threat is anchored to.
- comments
-
- Type: string
Optional customer comment.
- evidence
-
- Type: Array of ThreatEvidenceShape structures
The updated source code files supporting the threat.
- impactedAssets
-
- Type: Array of strings
The updated list of specific assets affected by the threat.
- impactedGoal
-
- Type: Array of strings
The updated security goals affected by the threat.
- prerequisites
-
- Type: string
The updated conditions required for the threat to be exploitable.
- recommendation
-
- Type: string
The updated recommended mitigation guidance for this threat.
- severity
-
- Type: string
The updated severity level of the threat.
- statement
-
- Type: string
The updated natural-language threat statement.
- status
-
- Type: string
The updated status of the threat.
- threatAction
-
- Type: string
The updated description of what the threat source can do.
- threatId
-
- Required: Yes
- Type: string
The unique identifier of the threat to update.
- threatImpact
-
- Type: string
The updated direct consequence of the threat action.
- threatSource
-
- Type: string
The updated actor or origin of the threat.
- title
-
- Type: string
A short title summarizing the threat.
Result Syntax
[
'anchor' => [
'id' => '<string>',
'kind' => '<string>',
'packageId' => '<string>',
],
'comments' => '<string>',
'createdAt' => <DateTime>,
'createdBy' => 'CUSTOMER|AGENT',
'evidence' => [
[
'packageId' => '<string>',
'path' => '<string>',
],
// ...
],
'impactedAssets' => ['<string>', ...],
'impactedGoal' => ['<string>', ...],
'prerequisites' => '<string>',
'recommendation' => '<string>',
'severity' => 'CRITICAL|HIGH|MEDIUM|LOW|INFO',
'statement' => '<string>',
'status' => 'OPEN|RESOLVED|DISMISSED',
'stride' => ['<string>', ...],
'threatAction' => '<string>',
'threatId' => '<string>',
'threatImpact' => '<string>',
'threatJobId' => '<string>',
'threatSource' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'updatedBy' => 'CUSTOMER|AGENT',
]
Result Details
Members
- anchor
-
- Type: ThreatAnchorShape structure
The DFD element this threat is anchored to.
- comments
-
- Type: string
Optional customer comment on the threat.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was created, in UTC format.
- createdBy
-
- Type: string
Who created this threat.
- evidence
-
- Type: Array of ThreatEvidenceShape structures
The source code files supporting the threat.
- impactedAssets
-
- Type: Array of strings
The specific assets affected by the threat.
- impactedGoal
-
- Type: Array of strings
The security goals affected by the threat.
- prerequisites
-
- Type: string
The conditions required for the threat to be exploitable.
- recommendation
-
- Type: string
The recommended mitigation guidance for this threat.
- severity
-
- Type: string
The severity level of the threat.
- statement
-
- Type: string
The natural-language threat statement.
- status
-
- Type: string
The current status of the threat.
- stride
-
- Type: Array of strings
The STRIDE categories applicable to this threat.
- threatAction
-
- Type: string
What the threat source can do.
- threatId
-
- Required: Yes
- Type: string
The unique identifier of the threat.
- threatImpact
-
- Type: string
The direct consequence of the threat action.
- threatJobId
-
- Required: Yes
- Type: string
The unique identifier of the threat model job the threat belongs to.
- threatSource
-
- Type: string
The actor or origin of the threat.
- title
-
- Type: string
A short title summarizing the threat.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was last updated, in UTC format.
- updatedBy
-
- Type: string
Who last updated this threat.
Errors
There are no errors described for this operation.
UpdateThreatModel
$result = $client->updateThreatModel([/* ... */]); $promise = $client->updateThreatModelAsync([/* ... */]);
Updates an existing threat model configuration.
Parameter Syntax
$result = $client->updateThreatModel([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'description' => '<string>',
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'scopeDocs' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>', // REQUIRED
'resourceId' => '<string>', // REQUIRED
],
's3Location' => '<string>',
],
// ...
],
'serviceRole' => '<string>',
'threatModelId' => '<string>', // REQUIRED
'title' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the threat model.
- assets
-
- Type: Assets structure
The updated assets for the threat model.
- description
-
- Type: string
The updated description of the application or system being threat modeled.
- logConfig
-
- Type: CloudWatchLog structure
The updated CloudWatch Logs configuration for the threat model.
- scopeDocs
-
- Type: Array of DocumentInfo structures
The updated scoped documents for the agent to focus on during threat modeling.
- serviceRole
-
- Type: string
The updated IAM service role for the threat model.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the threat model to update.
- title
-
- Type: string
The updated title of the threat model.
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'createdAt' => <DateTime>,
'description' => '<string>',
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'scopeDocs' => [
[
'artifactId' => '<string>',
'integratedDocument' => [
'integrationId' => '<string>',
'resourceId' => '<string>',
],
's3Location' => '<string>',
],
// ...
],
'serviceRole' => '<string>',
'threatModelId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space that contains the threat model.
- assets
-
- Type: Assets structure
The assets included in the threat model.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was created, in UTC format.
- description
-
- Type: string
A description of the application or system being threat modeled.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the threat model.
- scopeDocs
-
- Type: Array of DocumentInfo structures
The scoped documents for the agent to focus on during threat modeling.
- serviceRole
-
- Type: string
The IAM service role used for the threat model.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the threat model.
- title
-
- Type: string
The title of the threat model.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was last updated, in UTC format.
Errors
There are no errors described for this operation.
VerifyTargetDomain
$result = $client->verifyTargetDomain([/* ... */]); $promise = $client->verifyTargetDomainAsync([/* ... */]);
Initiates verification of a target domain. This checks whether the domain ownership verification token has been properly configured.
Parameter Syntax
$result = $client->verifyTargetDomain([
'targetDomainId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- targetDomainId
-
- Required: Yes
- Type: string
The unique identifier of the target domain to verify.
Result Syntax
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'status' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'targetDomainId' => '<string>',
'updatedAt' => <DateTime>,
'verificationStatusReason' => '<string>',
'verifiedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was created, in UTC format.
- domainName
-
- Type: string
The domain name of the target domain.
- status
-
- Type: string
The verification status of the target domain.
- targetDomainId
-
- Type: string
The unique identifier of the target domain.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was last updated, in UTC format.
- verificationStatusReason
-
- Type: string
The reason for the current target domain verification status.
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was verified, in UTC format.
Errors
There are no errors described for this operation.
Shapes
AWSResources
Description
The AWS resources associated with an agent space, including VPCs, log groups, S3 buckets, secrets, Lambda functions, and IAM roles.
Members
- iamRoles
-
- Type: Array of strings
The IAM roles associated with the agent space.
- lambdaFunctionArns
-
- Type: Array of strings
The Amazon Resource Names (ARNs) of the Lambda functions associated with the agent space.
- logGroups
-
- Type: Array of strings
The Amazon Resource Names (ARNs) of the CloudWatch log groups associated with the agent space.
- s3Buckets
-
- Type: Array of strings
The Amazon Resource Names (ARNs) of the S3 buckets associated with the agent space.
- secretArns
-
- Type: Array of strings
The Amazon Resource Names (ARNs) of the Secrets Manager secrets associated with the agent space.
- vpcs
-
- Type: Array of VpcConfig structures
The VPC configurations associated with the agent space.
AccessDeniedException
Description
You do not have sufficient access to perform this action.
Members
- message
-
- Required: Yes
- Type: string
Error description.
Actor
Description
Represents an actor used during penetration testing. An actor defines a user or entity that interacts with the target application, including authentication credentials and target URIs.
Members
- authentication
-
- Type: Authentication structure
The authentication configuration for the actor.
- description
-
- Type: string
A description of the actor.
- identifier
-
- Type: string
The unique identifier for the actor.
- uris
-
- Type: Array of strings
The list of URIs that the actor targets during testing.
AgentSpace
Description
Represents an agent space, which is a dedicated workspace for securing a specific application. An agent space contains the configuration, resources, and settings needed for security testing.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- awsResources
-
- Type: AWSResources structure
The AWS resources associated with the agent space.
- codeReviewSettings
-
- Type: CodeReviewSettings structure
The code review settings for the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was created, in UTC format.
- description
-
- Type: string
A description of the agent space.
- kmsKeyId
-
- Type: string
The identifier of the AWS KMS key used to encrypt data in the agent space.
- name
-
- Required: Yes
- Type: string
The name of the agent space.
- targetDomainIds
-
- Type: Array of strings
The list of target domain identifiers associated with the agent space.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was last updated, in UTC format.
AgentSpaceSummary
Description
Contains summary information about an agent space.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was created, in UTC format.
- name
-
- Required: Yes
- Type: string
The name of the agent space.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the agent space was last updated, in UTC format.
ApplicationSummary
Description
Contains summary information about an application.
Members
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application.
- applicationName
-
- Required: Yes
- Type: string
The name of the application.
- defaultKmsKeyId
-
- Type: string
The identifier of the default AWS KMS key used to encrypt data for the application.
- domain
-
- Required: Yes
- Type: string
The domain associated with the application.
Artifact
Description
Represents an artifact that provides context for security testing, such as documentation, diagrams, or configuration files.
Members
- contents
-
- Required: Yes
- Type: string
The content of the artifact.
- type
-
- Required: Yes
- Type: string
The file type of the artifact.
ArtifactMetadataItem
Description
Contains metadata about an artifact.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the artifact.
- artifactId
-
- Required: Yes
- Type: string
The unique identifier of the artifact.
- fileName
-
- Required: Yes
- Type: string
The file name of the artifact.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the artifact was last updated, in UTC format.
ArtifactSummary
Description
Contains summary information about an artifact.
Members
- artifactId
-
- Required: Yes
- Type: string
The unique identifier of the artifact.
- artifactType
-
- Required: Yes
- Type: string
The file type of the artifact.
- fileName
-
- Required: Yes
- Type: string
The file name of the artifact.
Assets
Description
The collection of assets used in a pentest configuration, including endpoints, actors, documents, source code repositories, and integrated repositories.
Members
- actors
-
- Type: Array of Actor structures
The list of actors used during penetration testing.
- documents
-
- Type: Array of DocumentInfo structures
The list of documents that provide context for the pentest.
- endpoints
-
- Type: Array of Endpoint structures
The list of endpoints to test during the pentest.
- integratedRepositories
-
- Type: Array of IntegratedRepository structures
The list of integrated repositories associated with the pentest.
- sourceCode
-
- Type: Array of SourceCodeRepository structures
The list of source code repositories to analyze during the pentest.
Authentication
Description
The authentication configuration for an actor, specifying the provider type and credentials.
Members
- providerType
-
- Type: string
The type of authentication provider. Valid values include SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, and AWS_INTERNAL.
- value
-
- Type: string
The authentication value, such as a secret ARN, Lambda function ARN, or IAM role ARN, depending on the provider type.
BatchCreateSecurityRequirementResult
Description
Contains information about a successfully created security requirement.
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement was created, in UTC format.
- description
-
- Required: Yes
- Type: string
A description of the security requirement.
- domain
-
- Required: Yes
- Type: string
The security domain the requirement belongs to.
- evaluation
-
- Required: Yes
- Type: string
The evaluation criteria used to assess compliance with this requirement.
- name
-
- Required: Yes
- Type: string
The name of the security requirement.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the pack containing the security requirement.
- remediation
-
- Type: string
The recommended remediation steps when the requirement is not met.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement was last updated, in UTC format.
BatchGetSecurityRequirementResult
Description
Contains information about a successfully retrieved security requirement.
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement was created, in UTC format.
- description
-
- Required: Yes
- Type: string
A description of the security requirement.
- domain
-
- Required: Yes
- Type: string
The security domain the requirement belongs to.
- evaluation
-
- Required: Yes
- Type: string
The evaluation criteria used to assess compliance with this requirement.
- name
-
- Required: Yes
- Type: string
The name of the security requirement.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the pack containing the security requirement.
- remediation
-
- Type: string
The recommended remediation steps when the requirement is not met.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement was last updated, in UTC format.
BatchSecurityRequirementError
Description
Contains information about an error that occurred for a specific security requirement during a batch operation.
Members
- code
-
- Required: Yes
- Type: string
The error code.
- message
-
- Required: Yes
- Type: string
The error message.
- securityRequirementName
-
- Required: Yes
- Type: string
The name of the security requirement that caused the error.
BitbucketIntegrationInput
Description
The configuration for creating a Bitbucket integration.
Members
- code
-
- Required: Yes
- Type: string
The OAuth 2.0 authorization code returned from the consent redirect.
- installationId
-
- Required: Yes
- Type: string
The Atlassian installation identifier, available from the Atlassian administration console.
- state
-
- Required: Yes
- Type: string
The CSRF state token echoed back from the OAuth redirect.
- workspace
-
- Required: Yes
- Type: string
The Bitbucket workspace slug that identifies the workspace to integrate, for example acme-corp.
BitbucketRepositoryMetadata
Description
Metadata for an integrated Bitbucket repository.
Members
- accessType
-
- Type: string
Defines the visibility level of provider resources. PRIVATE indicates restricted access, while PUBLIC indicates open access.
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc.
- providerResourceId
-
- Required: Yes
- Type: string
Provider Id of the resource e.g. GitHub repository id, etc.
- workspace
-
- Required: Yes
- Type: string
The workspace slug that owns the repository.
BitbucketRepositoryResource
Description
A Bitbucket repository integrated as a resource.
Members
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc.
- workspace
-
- Required: Yes
- Type: string
The workspace slug that owns the repository.
BitbucketResourceCapabilities
Description
Capabilities for an integrated Bitbucket repository.
Members
- leaveComments
-
- Type: boolean
Whether to post code review comments on pull requests.
- remediateCode
-
- Type: boolean
Whether to create pull requests with automated fixes.
Category
Description
Represents a category assigned to a security testing task.
Members
- isPrimary
-
- Type: boolean
Indicates whether this is the primary category for the task.
- name
-
- Type: string
The name of the category.
CloudWatchLog
Description
The Amazon CloudWatch Logs configuration for pentest job logging.
Members
- logGroup
-
- Type: string
The name of the CloudWatch log group.
- logStream
-
- Type: string
The name of the CloudWatch log stream.
CodeLocation
Description
Represents a location in source code associated with a security finding.
Members
- filePath
-
- Required: Yes
- Type: string
The absolute path to the file containing the code location.
- label
-
- Type: string
The role of this location in the vulnerability, such as source or sink.
- lineEnd
-
- Type: int
The ending line number of the code location.
- lineStart
-
- Type: int
The starting line number of the code location.
CodeRemediationTask
Description
Represents a code remediation task that was initiated to fix a security finding.
Members
- status
-
- Required: Yes
- Type: string
The current status of the code remediation task.
- statusReason
-
- Type: string
The reason for the current status of the code remediation task.
- taskDetails
-
- Type: Array of CodeRemediationTaskDetails structures
The list of details for the code remediation task, including repository name, code diff link, and pull request link.
CodeRemediationTaskDetails
Description
Contains details about a code remediation task, including links to the code diff and pull request.
Members
- codeDiffLink
-
- Type: string
The link to the code diff for the remediation.
- pullRequestLink
-
- Type: string
The link to the pull request created for the remediation.
- repoName
-
- Type: string
The name of the repository where the remediation was applied.
CodeReview
Description
Represents a code review configuration that defines the parameters for automated security-focused code analysis, including target assets and logging configuration.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the code review.
- assets
-
- Required: Yes
- Type: Assets structure
The assets included in the code review.
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the code review.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was created, in UTC format.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the code review.
- serviceRole
-
- Type: string
The IAM service role used for the code review.
- title
-
- Required: Yes
- Type: string
The title of the code review.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was last updated, in UTC format.
- validationMode
-
- Type: string
The validation mode for the code review. Valid values are SIMULATED and DISABLED.
CodeReviewJob
Description
Represents a code review job, which is an execution instance of a code review. A code review job progresses through preflight, static analysis, and finalizing steps.
Members
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the code review job.
- codeReviewId
-
- Type: string
The unique identifier of the code review associated with the job.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review job was created, in UTC format.
- documents
-
- Type: Array of DocumentInfo structures
The list of documents providing context for the code review job.
- errorInformation
-
- Type: ErrorInformation structure
Error information if the code review job encountered an error.
- executionContext
-
- Type: Array of ExecutionContext structures
The execution context messages for the code review job.
- integratedRepositories
-
- Type: Array of IntegratedRepository structures
The list of integrated repositories associated with the code review job.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the code review job.
- overview
-
- Type: string
An overview of the code review job results.
- serviceRole
-
- Type: string
The IAM service role used for the code review job.
- sourceCode
-
- Type: Array of SourceCodeRepository structures
The list of source code repositories analyzed during the code review job.
- status
-
- Type: string
The current status of the code review job.
- steps
-
- Type: Array of Step structures
The list of steps in the code review job execution.
- title
-
- Type: string
The title of the code review job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review job was last updated, in UTC format.
CodeReviewJobSummary
Description
Contains summary information about a code review job.
Members
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review associated with the job.
- codeReviewJobId
-
- Required: Yes
- Type: string
The unique identifier of the code review job.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review job was created, in UTC format.
- status
-
- Type: string
The current status of the code review job.
- title
-
- Type: string
The title of the code review job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review job was last updated, in UTC format.
CodeReviewJobTask
Description
Represents an individual security test task within a code review job. Each task targets a specific risk type and executes independently.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- categories
-
- Type: Array of Category structures
The list of categories assigned to the task.
- codeReviewId
-
- Type: string
The unique identifier of the code review associated with the task.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job that contains the task.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was created, in UTC format.
- description
-
- Type: string
A description of the task.
- executionStatus
-
- Type: string
The current execution status of the task.
- logsLocation
-
- Type: LogLocation structure
The location of the task execution logs.
- riskType
-
- Type: string
The type of security risk the task is testing for.
- taskId
-
- Required: Yes
- Type: string
The unique identifier of the task.
- title
-
- Type: string
The title of the task.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was last updated, in UTC format.
CodeReviewJobTaskSummary
Description
Contains summary information about a code review job task.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- codeReviewId
-
- Type: string
The unique identifier of the code review associated with the task.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job that contains the task.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was created, in UTC format.
- executionStatus
-
- Type: string
The current execution status of the task.
- riskType
-
- Type: string
The type of security risk the task is testing for.
- taskId
-
- Required: Yes
- Type: string
The unique identifier of the task.
- title
-
- Type: string
The title of the task.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was last updated, in UTC format.
CodeReviewSettings
Description
The code review settings for an agent space, controlling which types of scanning are enabled.
Members
- controlsScanning
-
- Required: Yes
- Type: boolean
Indicates whether controls scanning is enabled for code reviews.
- generalPurposeScanning
-
- Required: Yes
- Type: boolean
Indicates whether general-purpose scanning is enabled for code reviews.
CodeReviewSummary
Description
Contains summary information about a code review.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the code review.
- codeReviewId
-
- Required: Yes
- Type: string
The unique identifier of the code review.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was created, in UTC format.
- title
-
- Required: Yes
- Type: string
The title of the code review.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the code review was last updated, in UTC format.
ConflictException
Description
The request could not be completed due to a conflict with the current state of the resource.
Members
- message
-
- Required: Yes
- Type: string
Error description.
ConfluenceDocumentMetadata
Description
Metadata for an integrated Confluence document.
Members
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc.
- pageId
-
- Required: Yes
- Type: string
The Confluence page identifier.
- providerResourceId
-
- Required: Yes
- Type: string
Provider Id of the resource e.g. GitHub repository id, etc.
- spaceKey
-
- Required: Yes
- Type: string
The Confluence space key containing the document.
- spaceTitle
-
- Type: string
The display title of the Confluence space.
- title
-
- Type: string
The display title of the Confluence page.
ConfluenceDocumentResource
Description
A Confluence document (page) integrated as a resource.
Members
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc.
- pageId
-
- Required: Yes
- Type: string
The Confluence page identifier.
- spaceKey
-
- Required: Yes
- Type: string
The Confluence space key containing the document.
- spaceTitle
-
- Type: string
The display title of the Confluence space.
- title
-
- Type: string
The display title of the Confluence page.
ConfluenceIntegrationInput
Description
The configuration for creating a Confluence integration.
Members
- code
-
- Required: Yes
- Type: string
The OAuth 2.0 authorization code returned from the consent redirect.
- installationId
-
- Required: Yes
- Type: string
The Atlassian installation identifier, available from the Atlassian administration console.
- siteUrl
-
- Required: Yes
- Type: string
The Confluence Cloud site URL, for example https://mysite.atlassian.net.
- state
-
- Required: Yes
- Type: string
The CSRF state token echoed back from the OAuth redirect.
ConfluenceResourceCapabilities
Description
Capabilities for an integrated Confluence space.
Members
- createDocument
-
- Type: boolean
Whether to create documents in this space.
- fetchDocument
-
- Type: boolean
Whether to fetch documents from this space.
- updateDocument
-
- Type: boolean
Whether to update documents in this space.
CreateSecurityRequirementEntry
Description
Contains the details for a security requirement to create within a pack.
Members
- description
-
- Required: Yes
- Type: string
A description of the security requirement.
- domain
-
- Required: Yes
- Type: string
The security domain the requirement belongs to.
- evaluation
-
- Required: Yes
- Type: string
The evaluation criteria used to assess compliance with this requirement.
- name
-
- Required: Yes
- Type: string
The name of the security requirement.
- remediation
-
- Type: string
The recommended remediation steps when the requirement is not met.
CustomHeader
Description
A custom HTTP header to include in network traffic during penetration testing.
Members
- name
-
- Type: string
The name of the custom header.
- value
-
- Type: string
The value of the custom header.
DeleteCodeReviewFailure
Description
Contains information about a code review that failed to delete.
Members
- codeReviewId
-
- Type: string
The unique identifier of the code review that failed to delete.
- reason
-
- Type: string
The reason the code review failed to delete.
DeletePentestFailure
Description
Contains information about a pentest that failed to delete.
Members
- pentestId
-
- Type: string
The unique identifier of the pentest that failed to delete.
- reason
-
- Type: string
The reason the pentest failed to delete.
DeleteThreatModelFailure
Description
Contains information about a threat model that failed to delete.
Members
- reason
-
- Type: string
The reason the threat model failed to delete.
- threatModelId
-
- Type: string
The unique identifier of the threat model that failed to delete.
DiffSource
Description
Source of the diff for a differential code scan.
Members
- s3Uri
-
- Type: string
S3 URI pointing to a unified diff file. The file must be in standard unified diff format and stored in an S3 bucket connected to your Agent Space.
DiscoveredEndpoint
Description
Represents an endpoint discovered during a pentest job.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space associated with the discovered endpoint.
- description
-
- Type: string
A description of the discovered endpoint.
- evidence
-
- Type: string
The evidence that led to the discovery of the endpoint.
- operation
-
- Type: string
The HTTP operation associated with the discovered endpoint.
- pentestJobId
-
- Required: Yes
- Type: string
The unique identifier of the pentest job that discovered the endpoint.
- taskId
-
- Required: Yes
- Type: string
The unique identifier of the task that discovered the endpoint.
- uri
-
- Required: Yes
- Type: string
The URI of the discovered endpoint.
DnsVerification
Description
Contains DNS verification details for a target domain, including the DNS record to create for domain ownership verification.
Members
- dnsRecordName
-
- Type: string
The name of the DNS record to create for verification.
- dnsRecordType
-
- Type: string
The type of DNS record to create. Currently, only TXT is supported.
- token
-
- Type: string
The verification token to include in the DNS record value.
DocumentInfo
Description
Represents a document that provides context for security testing.
Members
- artifactId
-
- Type: string
The unique identifier of the artifact associated with the document.
- integratedDocument
-
- Type: IntegratedDocument structure
A reference to a document in an integrated third-party provider.
- s3Location
-
- Type: string
The Amazon S3 location of the document.
Endpoint
Description
Represents a target endpoint for penetration testing.
Members
- uri
-
- Type: string
The URI of the endpoint.
ErrorInformation
Description
Contains error information for a pentest job that encountered an error.
Members
- code
-
- Type: string
The error code. Valid values include CLIENT_ERROR, INTERNAL_ERROR, and STOPPED_BY_USER.
- message
-
- Type: string
A message describing the error.
ExecutionContext
Description
Contains contextual information about the execution of a pentest job, such as errors, warnings, or informational messages.
Members
- context
-
- Type: string
The context message.
- contextType
-
- Type: string
The type of context. Valid values include ERROR, CLIENT_ERROR, WARNING, and INFO.
- timestamp
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the context was recorded, in UTC format.
Finding
Description
Represents a security finding discovered during a pentest job. A finding contains details about a vulnerability, including its risk level, confidence, and remediation status.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space associated with the finding.
- alignmentRationale
-
- Type: string
The rationale provided by the alignment agent explaining how the finding was adjusted based on customer preferences.
- attackScript
-
- Type: string
The attack script used to reproduce the finding.
- codeLocations
-
- Type: Array of CodeLocation structures
The file locations involved in the vulnerability, as reported by the code scanner.
- codeRemediationTask
-
- Type: CodeRemediationTask structure
The code remediation task associated with the finding, if code remediation was initiated.
- codeReviewId
-
- Type: string
The unique identifier of the code review associated with the finding.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job that produced the finding.
- confidence
-
- Type: string
The confidence level of the finding. Valid values include FALSE_POSITIVE, UNCONFIRMED, LOW, MEDIUM, and HIGH.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the finding was created, in UTC format.
- customerNote
-
- Type: string
A customer-provided note on the finding.
- description
-
- Type: string
A description of the finding.
- findingId
-
- Required: Yes
- Type: string
The unique identifier of the finding.
- lastUpdatedBy
-
- Type: string
The identifier of the entity that last updated the finding.
- name
-
- Type: string
The name of the finding.
- pentestId
-
- Type: string
The unique identifier of the pentest associated with the finding.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job that produced the finding.
- reasoning
-
- Type: string
The reasoning behind the finding, explaining why it was identified as a vulnerability.
- riskLevel
-
- Type: string
The risk level of the finding. Valid values include UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, and CRITICAL.
- riskScore
-
- Type: string
The numerical risk score of the finding.
- riskType
-
- Type: string
The type of security risk identified by the finding.
- status
-
- Type: string
The current status of the finding. Valid values include ACTIVE, RESOLVED, ACCEPTED, and FALSE_POSITIVE.
- taskId
-
- Type: string
The unique identifier of the task that produced the finding.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the finding was last updated, in UTC format.
- validationStatus
-
- Type: string
The simulated validation status of the finding. Valid values are NOT_VALIDATED, VALIDATING, CONFIRMED, NOT_REPRODUCED, and VALIDATION_FAILED.
- verificationScript
-
- Type: VerificationScript structure
The verification script metadata for reproducing the finding, including download URL, instructions, and required environment variables.
FindingSummary
Description
Contains summary information about a security finding.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space associated with the finding.
- codeReviewId
-
- Type: string
The unique identifier of the code review associated with the finding.
- codeReviewJobId
-
- Type: string
The unique identifier of the code review job that produced the finding.
- confidence
-
- Type: string
The confidence level of the finding.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the finding was created, in UTC format.
- findingId
-
- Required: Yes
- Type: string
The unique identifier of the finding.
- name
-
- Type: string
The name of the finding.
- pentestId
-
- Type: string
The unique identifier of the pentest associated with the finding.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job that produced the finding.
- riskLevel
-
- Type: string
The risk level of the finding.
- riskType
-
- Type: string
The type of security risk identified by the finding.
- status
-
- Type: string
The current status of the finding.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the finding was last updated, in UTC format.
- validationStatus
-
- Type: string
The simulated validation status of the finding.
GitHubIntegrationInput
Description
The input required to create a GitHub integration, including the OAuth authorization code and CSRF state.
Members
- code
-
- Required: Yes
- Type: string
The OAuth authorization code received from GitHub.
- installationId
-
- Type: string
The installation identifier provided by GitHub Enterprise Server on the install callback. Required for GitHub Enterprise Server integrations and ignored for GitHub.com.
- organizationName
-
- Type: string
The name of the GitHub organization to integrate with.
- state
-
- Required: Yes
- Type: string
The CSRF state token for validating the OAuth flow.
- targetUrl
-
- Type: string
The HTTPS URL of a self-hosted GitHub Enterprise Server instance. Omit this value for GitHub.com.
GitHubRepositoryMetadata
Description
Contains metadata about a GitHub repository that is integrated with the service.
Members
- accessType
-
- Type: string
The access type of the GitHub repository. Valid values are PRIVATE and PUBLIC.
- name
-
- Required: Yes
- Type: string
The name of the GitHub repository.
- owner
-
- Required: Yes
- Type: string
The owner of the GitHub repository.
- providerResourceId
-
- Required: Yes
- Type: string
The provider-specific resource identifier for the GitHub repository.
GitHubRepositoryResource
Description
Represents a GitHub repository resource used in an integration.
Members
- name
-
- Required: Yes
- Type: string
The name of the GitHub repository.
- owner
-
- Required: Yes
- Type: string
The owner of the GitHub repository.
GitHubResourceCapabilities
Description
The capabilities enabled for a GitHub resource integration.
Members
- leaveComments
-
- Type: boolean
Indicates whether the integration can leave comments on pull requests.
- remediateCode
-
- Type: boolean
Indicates whether the integration can create code remediation pull requests.
GitLabIntegrationInput
Description
The configuration for creating a GitLab integration.
Members
- accessToken
-
- Required: Yes
- Type: string
The GitLab access token used to authenticate. This can be a personal access token or a group access token.
- groupId
-
- Type: string
The identifier of the GitLab group. Required when tokenType is group and ignored for personal tokens.
- targetUrl
-
- Type: string
The HTTPS URL of a self-managed GitLab instance. Omit this value for GitLab SaaS (gitlab.com).
- tokenType
-
- Required: Yes
- Type: string
The type of GitLab access token provided in accessToken.
GitLabRepositoryMetadata
Description
Metadata for an integrated GitLab repository.
Members
- accessType
-
- Type: string
Defines the visibility level of provider resources. PRIVATE indicates restricted access, while PUBLIC indicates open access.
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc.
- namespace
-
- Required: Yes
- Type: string
The namespace (group or user path) that owns the project.
- providerResourceId
-
- Required: Yes
- Type: string
Provider Id of the resource e.g. GitHub repository id, etc.
GitLabRepositoryResource
Description
A GitLab repository integrated as a resource.
Members
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc.
- namespace
-
- Required: Yes
- Type: string
The namespace (group or user path) that owns the project.
GitLabResourceCapabilities
Description
Capabilities for an integrated GitLab repository.
Members
- leaveComments
-
- Type: boolean
Whether to post code review comments on merge request discussions.
- remediateCode
-
- Type: boolean
Whether to create merge requests with automated fixes.
HttpVerification
Description
Contains HTTP route verification details for a target domain, including the route path and token to serve for domain ownership verification.
Members
- routePath
-
- Type: string
The HTTP route path where the verification token must be served.
- token
-
- Type: string
The verification token to serve at the specified route path.
IdCConfiguration
Description
The IAM Identity Center configuration for an application.
Members
- idcApplicationArn
-
- Type: string
The Amazon Resource Name (ARN) of the IAM Identity Center application.
- idcInstanceArn
-
- Type: string
The Amazon Resource Name (ARN) of the IAM Identity Center instance.
ImportSource
Description
The source from which to import security requirements. Currently supports document uploads.
Members
- documents
-
- Type: Array of SecurityRequirementArtifact structures
The list of documents to extract security requirements from.
IntegratedDocument
Description
A reference to a document in a third-party provider, such as a Confluence page linked via an integration.
Members
- integrationId
-
- Required: Yes
- Type: string
The identifier of the integration that provides access to the document.
- resourceId
-
- Required: Yes
- Type: string
The provider-specific resource identifier for the document.
IntegratedRepository
Description
Represents a code repository that is integrated with the service through a third-party provider.
Members
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the integration that provides access to the repository.
- providerResourceId
-
- Required: Yes
- Type: string
The provider-specific resource identifier for the repository.
IntegratedResource
Description
Represents an integrated resource from a third-party provider. This is a union type that contains provider-specific resource information.
Members
- bitbucketRepository
-
- Type: BitbucketRepositoryResource structure
A Bitbucket repository integrated as a resource.
- confluenceDocument
-
- Type: ConfluenceDocumentResource structure
A Confluence document (page) integrated as a resource.
- githubRepository
-
- Type: GitHubRepositoryResource structure
The GitHub repository resource information.
- gitlabRepository
-
- Type: GitLabRepositoryResource structure
A GitLab repository integrated as a resource.
IntegratedResourceInputItem
Description
Represents an input item for updating integrated resources, including the resource and its capabilities.
Members
- capabilities
-
- Type: ProviderResourceCapabilities structure
The capabilities to enable for the integrated resource.
- resource
-
- Required: Yes
- Type: IntegratedResource structure
The integrated resource to update.
IntegratedResourceMetadata
Description
Contains metadata about an integrated resource. This is a union type that contains provider-specific metadata.
Members
- bitbucketRepository
-
- Type: BitbucketRepositoryMetadata structure
Metadata for an integrated Bitbucket repository.
- confluenceDocument
-
- Type: ConfluenceDocumentMetadata structure
Metadata for an integrated Confluence document.
- githubRepository
-
- Type: GitHubRepositoryMetadata structure
The GitHub repository metadata.
- gitlabRepository
-
- Type: GitLabRepositoryMetadata structure
Metadata for an integrated GitLab repository.
IntegratedResourceSummary
Description
Contains summary information about an integrated resource.
Members
- capabilities
-
- Type: ProviderResourceCapabilities structure
The capabilities enabled for the integrated resource.
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the integration that provides access to the resource.
- resource
-
- Required: Yes
- Type: IntegratedResourceMetadata structure
The metadata for the integrated resource.
IntegrationFilter
Description
A filter for listing integrations. This is a union type where you can filter by provider or provider type.
Members
- provider
-
- Type: string
Filter integrations by provider.
- providerType
-
- Type: string
Filter integrations by provider type.
IntegrationSummary
Description
Contains summary information about an integration.
Members
- displayName
-
- Required: Yes
- Type: string
The display name of the integration.
- installationId
-
- Required: Yes
- Type: string
The installation identifier from the integration provider.
- integrationId
-
- Required: Yes
- Type: string
The unique identifier of the integration.
- privateConnectionName
-
- Type: string
The name of the private connection used to reach the integration's self-hosted instance over private networking, if one is configured.
- provider
-
- Required: Yes
- Type: string
The integration provider.
- providerType
-
- Required: Yes
- Type: string
The type of the integration provider.
- targetUrl
-
- Type: string
The HTTPS URL of the customer self-hosted instance, such as a GitHub Enterprise Server or self-managed GitLab instance. This value is absent for SaaS integrations.
InternalServerException
Description
An unexpected error occurred during the processing of your request.
Members
- message
-
- Required: Yes
- Type: string
Error description.
ListSecurityRequirementPackFilter
Description
Filter criteria for listing security requirement packs.
Members
- managementType
-
- Type: string
Filter packs by management type. Valid values are AWS_MANAGED and CUSTOMER_MANAGED.
- status
-
- Type: string
Filter packs by status. Valid values are ENABLED and DISABLED.
LogLocation
Description
The log location for a task, specifying where task execution logs are stored.
Members
- cloudWatchLog
-
- Type: CloudWatchLog structure
The CloudWatch Logs location for the task logs.
- logType
-
- Type: string
The type of log storage. Currently, only CLOUDWATCH is supported.
MemberMetadata
Description
Contains metadata about a member. This is a union type that contains member-type-specific metadata.
Members
- user
-
- Type: UserMetadata structure
The user metadata for the member.
MembershipConfig
Description
The configuration for a membership. This is a union type that contains member-type-specific configuration.
Members
- user
-
- Type: UserConfig structure
The user configuration for the membership.
MembershipSummary
Description
Contains summary information about a membership.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space.
- applicationId
-
- Required: Yes
- Type: string
The unique identifier of the application.
- config
-
- Type: MembershipConfig structure
The configuration for the membership.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the membership was created, in UTC format.
- createdBy
-
- Required: Yes
- Type: string
The identifier of the entity that created the membership.
- memberType
-
- Required: Yes
- Type: string
The type of member.
- membershipId
-
- Required: Yes
- Type: string
The unique identifier of the membership.
- metadata
-
- Type: MemberMetadata structure
The metadata for the member.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the membership was last updated, in UTC format.
- updatedBy
-
- Required: Yes
- Type: string
The identifier of the entity that last updated the membership.
NetworkTrafficConfig
Description
The network traffic configuration for a pentest, including custom headers and traffic rules.
Members
- customHeaders
-
- Type: Array of CustomHeader structures
The list of custom HTTP headers to include in network traffic during testing.
- rules
-
- Type: Array of NetworkTrafficRule structures
The list of network traffic rules that control which URLs are allowed or denied during testing.
NetworkTrafficRule
Description
A rule that controls network traffic during penetration testing by allowing or denying traffic to specific URL patterns.
Members
- effect
-
- Type: string
The effect of the rule. Valid values are ALLOW and DENY.
- networkTrafficRuleType
-
- Type: string
The type of the network traffic rule. Currently, only URL is supported.
- pattern
-
- Type: string
The URL pattern to match for the rule.
Pentest
Description
Represents a pentest configuration that defines the parameters for security testing, including target assets, risk type exclusions, and infrastructure settings.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the pentest.
- assets
-
- Required: Yes
- Type: Assets structure
The assets included in the pentest.
- cleanUpStrategy
-
- Type: string
Strategy for cleaning up resources after pentest job completion.
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the pentest.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was created, in UTC format.
- disableManagedSkills
-
- Type: Array of strings
A list of managed skills to disable for this pentest. Valid values include FINDING_PERSONALIZATION and LOGIN_OPTIMIZATION.
- excludeRiskTypes
-
- Type: Array of strings
The list of risk types excluded from the pentest.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the pentest.
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
The network traffic configuration for the pentest.
- pentestId
-
- Required: Yes
- Type: string
The unique identifier of the pentest.
- serviceRole
-
- Type: string
The IAM service role used for the pentest.
- title
-
- Required: Yes
- Type: string
The title of the pentest.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was last updated, in UTC format.
- vpcConfig
-
- Type: VpcConfig structure
The VPC configuration for the pentest.
PentestJob
Description
Represents a pentest job, which is an execution instance of a pentest. A pentest job progresses through preflight, static analysis, pentest, and finalizing steps.
Members
- actors
-
- Type: Array of Actor structures
The list of actors used during the pentest job.
- allowedDomains
-
- Type: Array of Endpoint structures
The list of domains allowed during the pentest job.
- cleanUpStrategy
-
- Type: string
Strategy for cleaning up resources after pentest job completion.
- codeRemediationStrategy
-
- Type: string
The code remediation strategy for the pentest job.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest job was created, in UTC format.
- disableManagedSkills
-
- Type: Array of strings
A list of managed skills disabled for this pentest job. Valid values include FINDING_PERSONALIZATION and LOGIN_OPTIMIZATION.
- documents
-
- Type: Array of DocumentInfo structures
The list of documents providing context for the pentest job.
- endpoints
-
- Type: Array of Endpoint structures
The list of endpoints being tested in the pentest job.
- errorInformation
-
- Type: ErrorInformation structure
Error information if the pentest job encountered an error.
- excludePaths
-
- Type: Array of Endpoint structures
The list of paths excluded from the pentest job.
- excludeRiskTypes
-
- Type: Array of strings
The list of risk types excluded from the pentest job.
- executionContext
-
- Type: Array of ExecutionContext structures
The execution context messages for the pentest job.
- integratedRepositories
-
- Type: Array of IntegratedRepository structures
The list of integrated repositories associated with the pentest job.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the pentest job.
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
The network traffic configuration for the pentest job.
- overview
-
- Type: string
An overview of the pentest job results.
- pentestId
-
- Type: string
The unique identifier of the pentest associated with the job.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job.
- serviceRole
-
- Type: string
The IAM service role used for the pentest job.
- sourceCode
-
- Type: Array of SourceCodeRepository structures
The list of source code repositories analyzed during the pentest job.
- status
-
- Type: string
The current status of the pentest job.
- steps
-
- Type: Array of Step structures
The list of steps in the pentest job execution.
- title
-
- Type: string
The title of the pentest job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest job was last updated, in UTC format.
- vpcConfig
-
- Type: VpcConfig structure
The VPC configuration for the pentest job.
PentestJobSummary
Description
Contains summary information about a pentest job.
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest job was created, in UTC format.
- pentestId
-
- Required: Yes
- Type: string
The unique identifier of the pentest associated with the job.
- pentestJobId
-
- Required: Yes
- Type: string
The unique identifier of the pentest job.
- status
-
- Type: string
The current status of the pentest job.
- title
-
- Type: string
The title of the pentest job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest job was last updated, in UTC format.
PentestSummary
Description
Contains summary information about a pentest.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the pentest.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was created, in UTC format.
- pentestId
-
- Required: Yes
- Type: string
The unique identifier of the pentest.
- title
-
- Required: Yes
- Type: string
The title of the pentest.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the pentest was last updated, in UTC format.
PrivateConnectionMode
Description
The configuration for a private connection. Specify either a service-managed or a self-managed mode.
Members
- selfManaged
-
- Type: SelfManagedInput structure
The configuration for a self-managed private connection, where you manage your own resource configuration.
- serviceManaged
-
- Type: ServiceManagedInput structure
The configuration for a service-managed private connection, where the service manages the resource gateway lifecycle.
PrivateConnectionSummary
Description
Summarizes a private connection.
Members
- certificateExpiryTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the connection's certificate expires, in UTC format.
- dnsResolution
-
- Type: string
The DNS resolution mode for the resource gateway.
- failureMessage
-
- Type: string
A message describing why the private connection entered a failed state, if applicable.
- hostAddress
-
- Type: string
The IP address or DNS name of the target resource.
- name
-
- Required: Yes
- Type: string
The name of the private connection.
- resourceConfigurationId
-
- Type: string
The identifier or ARN of the VPC Lattice resource configuration.
- resourceGatewayId
-
- Type: string
The identifier or ARN of the VPC Lattice resource gateway.
- status
-
- Required: Yes
- Type: string
The current status of the private connection.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
The tags attached to the private connection.
- type
-
- Required: Yes
- Type: string
The type of the private connection, indicating whether it is service-managed or self-managed.
- vpcId
-
- Type: string
The identifier of the VPC the resource gateway is created in.
ProviderInput
Description
The provider-specific input for creating an integration. This is a union type that contains provider-specific configuration.
Members
- bitbucket
-
- Type: BitbucketIntegrationInput structure
The configuration for a Bitbucket integration.
- confluence
-
- Type: ConfluenceIntegrationInput structure
The configuration for a Confluence integration.
- github
-
- Type: GitHubIntegrationInput structure
The GitHub-specific input for creating an integration.
- gitlab
-
- Type: GitLabIntegrationInput structure
The configuration for a GitLab integration.
ProviderResourceCapabilities
Description
The capabilities for an integrated resource from a third-party provider. This is a union type that contains provider-specific capabilities.
Members
- bitbucket
-
- Type: BitbucketResourceCapabilities structure
Capabilities for an integrated Bitbucket repository.
- confluence
-
- Type: ConfluenceResourceCapabilities structure
Capabilities for an integrated Confluence space.
- github
-
- Type: GitHubResourceCapabilities structure
The GitHub-specific resource capabilities.
- gitlab
-
- Type: GitLabResourceCapabilities structure
Capabilities for an integrated GitLab repository.
ReportDestination
Description
Destination for publishing scan reports to an integrated document provider.
Members
- containerId
-
- Required: Yes
- Type: string
The container identifier where the report will be published.
- documentId
-
- Type: string
The existing document identifier to update instead of creating a new document.
- integrationId
-
- Required: Yes
- Type: string
The integration identifier for the document provider.
- parentId
-
- Type: string
The parent document identifier under which the report will be created.
ResourceNotFoundException
Description
The specified resource was not found. Verify that the resource identifier is correct and that the resource exists in the specified agent space or account.
Members
- message
-
- Required: Yes
- Type: string
Error description.
SecurityRequirementArtifact
Description
A document used as source material for importing security requirements.
Members
- content
-
- Required: Yes
- Type: blob (string|resource|Psr\Http\Message\StreamInterface)
The binary content of the document.
- format
-
- Required: Yes
- Type: string
The format of the document. Valid values are MD, PDF, TXT, DOCX, and DOC.
- name
-
- Required: Yes
- Type: string
The file name of the document.
SecurityRequirementPackSummary
Description
Contains summary information about a security requirement pack.
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement pack was created, in UTC format.
- description
-
- Type: string
A description of the security requirement pack.
- managementType
-
- Required: Yes
- Type: string
The management type of the pack.
- name
-
- Required: Yes
- Type: string
The name of the security requirement pack.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the security requirement pack.
- status
-
- Required: Yes
- Type: string
The status of the security requirement pack.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement pack was last updated, in UTC format.
- vendorName
-
- Type: string
The vendor name for AWS managed packs.
SecurityRequirementSummary
Description
Contains summary information about a security requirement.
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement was created, in UTC format.
- description
-
- Required: Yes
- Type: string
A description of the security requirement.
- name
-
- Required: Yes
- Type: string
The name of the security requirement.
- packId
-
- Required: Yes
- Type: string
The unique identifier of the pack containing the security requirement.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the security requirement was last updated, in UTC format.
SelfManagedInput
Description
The configuration for a self-managed private connection.
Members
- certificate
-
- Type: string
The certificate for the private connection.
- resourceConfigurationId
-
- Required: Yes
- Type: string
The identifier or ARN of the resource configuration.
ServiceManagedInput
Description
The configuration for a service-managed private connection.
Members
- certificate
-
- Type: string
The certificate for the private connection.
- dnsResolution
-
- Type: string
The DNS resolution mode for the resource gateway. Defaults to PUBLIC when not set.
- hostAddress
-
- Required: Yes
- Type: string
The IP address or DNS name of the target resource.
- ipAddressType
-
- Type: string
The IP address type of the service-managed resource gateway.
- ipv4AddressesPerEni
-
- Type: int
The number of IPv4 addresses in each elastic network interface for the service-managed resource gateway.
- portRanges
-
- Type: Array of strings
The TCP port ranges that a consumer can use to access the resource.
- securityGroupIds
-
- Type: Array of strings
The security groups to attach to the service-managed resource gateway.
- subnetIds
-
- Required: Yes
- Type: Array of strings
The subnets that the service-managed resource gateway spans.
- vpcId
-
- Required: Yes
- Type: string
The VPC to create the service-managed resource gateway in.
ServiceQuotaExceededException
Description
The request exceeds a service quota. Review your current usage and request a quota increase if needed.
Members
- message
-
- Required: Yes
- Type: string
SourceCodeRepository
Description
Represents a source code repository used for security analysis during a pentest.
Members
- s3Location
-
- Type: string
The Amazon S3 location of the source code repository archive.
Step
Description
Represents a step in the pentest job execution pipeline. Steps include preflight, static analysis, pentest, and finalizing.
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the step was created, in UTC format.
- name
-
- Type: string
The name of the step. Valid values include PREFLIGHT, STATIC_ANALYSIS, PENTEST, VALIDATION, and FINALIZING.
- status
-
- Type: string
The current status of the step.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the step was last updated, in UTC format.
TargetDomain
Description
Represents a target domain registered for penetration testing. A target domain must be verified through DNS TXT or HTTP route verification before it can be used in pentests.
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was created, in UTC format.
- domainName
-
- Required: Yes
- Type: string
The domain name of the target domain.
- targetDomainId
-
- Required: Yes
- Type: string
The unique identifier of the target domain.
- verificationDetails
-
- Type: VerificationDetails structure
The verification details for the target domain.
- verificationStatus
-
- Type: string
The current verification status of the target domain.
- verificationStatusReason
-
- Type: string
The reason for the current target domain verification status.
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the target domain was verified, in UTC format.
TargetDomainSummary
Description
Contains summary information about a target domain.
Members
- domainName
-
- Required: Yes
- Type: string
The domain name of the target domain.
- targetDomainId
-
- Required: Yes
- Type: string
The unique identifier of the target domain.
- verificationStatus
-
- Type: string
The current verification status of the target domain.
Task
Description
Represents an individual security test task within a pentest job. Each task targets a specific risk type or endpoint and executes independently.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- categories
-
- Type: Array of Category structures
The list of categories assigned to the task.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was created, in UTC format.
- description
-
- Type: string
A description of the task.
- executionStatus
-
- Type: string
The current execution status of the task.
- logsLocation
-
- Type: LogLocation structure
The location of the task execution logs.
- pentestId
-
- Type: string
The unique identifier of the pentest associated with the task.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job that contains the task.
- riskType
-
- Type: string
The type of security risk the task is testing for.
- targetEndpoint
-
- Type: Endpoint structure
The target endpoint being tested by the task.
- taskId
-
- Required: Yes
- Type: string
The unique identifier of the task.
- title
-
- Type: string
The title of the task.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was last updated, in UTC format.
TaskSummary
Description
Contains summary information about a task.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was created, in UTC format.
- executionStatus
-
- Type: string
The current execution status of the task.
- pentestId
-
- Type: string
The unique identifier of the pentest associated with the task.
- pentestJobId
-
- Type: string
The unique identifier of the pentest job that contains the task.
- riskType
-
- Type: string
The type of security risk the task is testing for.
- taskId
-
- Required: Yes
- Type: string
The unique identifier of the task.
- title
-
- Type: string
The title of the task.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was last updated, in UTC format.
Threat
Description
Represents a threat identified during threat modeling.
Members
- anchor
-
- Type: ThreatAnchorShape structure
The DFD element this threat is anchored to.
- comments
-
- Type: string
Optional customer comment on the threat.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was created, in UTC format.
- createdBy
-
- Type: string
Who created this threat.
- evidence
-
- Type: Array of ThreatEvidenceShape structures
The source code files supporting the threat.
- impactedAssets
-
- Type: Array of strings
The specific assets affected by the threat.
- impactedGoal
-
- Type: Array of strings
The security goals affected by the threat.
- prerequisites
-
- Type: string
The conditions required for the threat to be exploitable.
- recommendation
-
- Type: string
The recommended mitigation guidance for this threat.
- severity
-
- Type: string
The severity level of the threat.
- statement
-
- Type: string
The natural-language threat statement.
- status
-
- Type: string
The current status of the threat.
- stride
-
- Type: Array of strings
The STRIDE categories applicable to this threat.
- threatAction
-
- Type: string
What the threat source can do.
- threatId
-
- Type: string
The unique identifier of the threat.
- threatImpact
-
- Type: string
The direct consequence of the threat action.
- threatJobId
-
- Type: string
The unique identifier of the threat model job that produced the threat.
- threatSource
-
- Type: string
The actor or origin of the threat.
- title
-
- Type: string
A short title summarizing the threat.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was last updated, in UTC format.
- updatedBy
-
- Type: string
Who last updated this threat.
ThreatAnchorShape
Description
DFD element that a threat is anchored to.
Members
- id
-
- Type: string
The identifier of the DFD element.
- kind
-
- Type: string
The kind of DFD element.
- packageId
-
- Type: string
The package identifier containing the DFD element.
ThreatEvidenceShape
Description
Source code file supporting a threat.
Members
- packageId
-
- Type: string
The package identifier containing the evidence file.
- path
-
- Type: string
The file path of the evidence.
ThreatModel
Description
Represents a threat model configuration that defines the parameters for automated threat analysis, including target assets and logging configuration.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the threat model.
- assets
-
- Required: Yes
- Type: Assets structure
The assets included in the threat model.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was created, in UTC format.
- description
-
- Type: string
A description of the application or system being threat modeled.
- logConfig
-
- Type: CloudWatchLog structure
The CloudWatch Logs configuration for the threat model.
- scopeDocs
-
- Type: Array of DocumentInfo structures
The scoped documents for the agent to focus on during threat modeling.
- serviceRole
-
- Type: string
The IAM service role used for the threat model.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the threat model.
- title
-
- Required: Yes
- Type: string
The title of the threat model.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was last updated, in UTC format.
ThreatModelJob
Description
Represents a threat model job, which is an execution instance of a threat model.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job was created, in UTC format.
- documents
-
- Type: Array of DocumentInfo structures
The list of documents used for threat modeling.
- errorInformation
-
- Type: ErrorInformation structure
Error information if the threat model job encountered an error.
- executionEndTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job execution ended, in UTC format.
- executionStartTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job execution started, in UTC format.
- integratedRepositories
-
- Type: Array of IntegratedRepository structures
The list of integrated repositories used for threat modeling.
- scopeDocs
-
- Type: Array of DocumentInfo structures
The scoped documents for the agent to focus on during threat modeling.
- sourceCode
-
- Type: Array of SourceCodeRepository structures
The list of source code repositories used for threat modeling.
- status
-
- Type: string
The current status of the threat model job.
- systemOverview
-
- Type: string
The system overview generated during threat modeling.
- threatModelId
-
- Type: string
The unique identifier of the threat model associated with the job.
- threatModelJobId
-
- Type: string
The unique identifier of the threat model job.
- title
-
- Type: string
The title of the threat model job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job was last updated, in UTC format.
ThreatModelJobSummary
Description
Contains summary information about a threat model job.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job was created, in UTC format.
- status
-
- Type: string
The current status of the threat model job.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the threat model associated with the job.
- threatModelJobId
-
- Required: Yes
- Type: string
The unique identifier of the threat model job.
- title
-
- Type: string
The title of the threat model job.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model job was last updated, in UTC format.
ThreatModelJobTask
Description
Represents an individual task within a threat model job.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was created, in UTC format.
- description
-
- Type: string
A description of the task.
- executionStatus
-
- Type: string
The current execution status of the task.
- logsLocation
-
- Type: LogLocation structure
The location of the task execution logs.
- taskId
-
- Required: Yes
- Type: string
The unique identifier of the task.
- threatModelId
-
- Type: string
The unique identifier of the threat model associated with the task.
- threatModelJobId
-
- Type: string
The unique identifier of the threat model job that contains the task.
- title
-
- Type: string
The title of the task.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was last updated, in UTC format.
ThreatModelJobTaskSummary
Description
Contains summary information about a threat model job task.
Members
- agentSpaceId
-
- Type: string
The unique identifier of the agent space.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was created, in UTC format.
- executionStatus
-
- Type: string
The current execution status of the task.
- taskId
-
- Required: Yes
- Type: string
The unique identifier of the task.
- threatModelId
-
- Type: string
The unique identifier of the threat model associated with the task.
- threatModelJobId
-
- Type: string
The unique identifier of the threat model job that contains the task.
- title
-
- Type: string
The title of the task.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the task was last updated, in UTC format.
ThreatModelSummary
Description
Contains summary information about a threat model.
Members
- agentSpaceId
-
- Required: Yes
- Type: string
The unique identifier of the agent space that contains the threat model.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was created, in UTC format.
- threatModelId
-
- Required: Yes
- Type: string
The unique identifier of the threat model.
- title
-
- Required: Yes
- Type: string
The title of the threat model.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat model was last updated, in UTC format.
ThreatSummary
Description
Contains summary information about a threat.
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was created, in UTC format.
- createdBy
-
- Type: string
Who created this threat.
- severity
-
- Type: string
The severity level of the threat.
- statement
-
- Type: string
The natural-language threat statement.
- status
-
- Type: string
The current status of the threat.
- stride
-
- Type: Array of strings
The STRIDE categories applicable to this threat.
- threatId
-
- Type: string
The unique identifier of the threat.
- threatJobId
-
- Type: string
The unique identifier of the threat model job that produced the threat.
- title
-
- Type: string
A short title summarizing the threat.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the threat was last updated, in UTC format.
- updatedBy
-
- Type: string
Who last updated this threat.
ThrottlingException
Description
The request was denied due to request throttling.
Members
- message
-
- Required: Yes
- Type: string
Error description.
- quotaCode
-
- Type: string
Quota code for throttling limit.
- serviceCode
-
- Type: string
Service code for throttling limit.
UpdateSecurityRequirementEntry
Description
Contains the details for updating an existing security requirement within a pack. The name is an immutable identifier used to locate the requirement and cannot be modified.
Members
- description
-
- Type: string
The updated description of the security requirement.
- domain
-
- Type: string
The updated security domain the requirement belongs to.
- evaluation
-
- Type: string
The updated evaluation criteria used to assess compliance with this requirement.
- name
-
- Required: Yes
- Type: string
The name of the security requirement to update. This is an immutable identifier and cannot be changed once the requirement is created.
- remediation
-
- Type: string
The updated remediation steps when the requirement is not met.
UserConfig
Description
The configuration for a user membership, including the role assigned to the user within the agent space.
Members
- role
-
- Type: string
The role assigned to the user. Currently, only MEMBER is supported.
UserMetadata
Description
Contains metadata about a user member, including the username and email address.
Members
-
- Required: Yes
- Type: string
The email address of the user.
- username
-
- Required: Yes
- Type: string
The username of the user.
ValidationException
Description
The input fails to satisfy the constraints specified by the service.
Members
- fieldList
-
- Type: Array of ValidationExceptionField structures
A list of specific failures encountered during validation.
- message
-
- Required: Yes
- Type: string
A summary of the validation failure.
ValidationExceptionField
Description
Describes one specific validation failure for an input member.
Members
- message
-
- Required: Yes
- Type: string
A detailed description of the validation failure.
- path
-
- Required: Yes
- Type: string
A JSONPointer expression to the structure member whose value failed to satisfy the modeled constraint.
VerificationDetails
Description
Contains the verification details for a target domain, including the verification method and provider-specific details.
Members
- dnsTxt
-
- Type: DnsVerification structure
The DNS TXT verification details.
- httpRoute
-
- Type: HttpVerification structure
The HTTP route verification details.
- method
-
- Type: string
The verification method used for the target domain.
VerificationScript
Description
Contains metadata for a verification script that can be used to reproduce a security finding.
Members
- envVars
-
- Type: Array of VerificationScriptEnvVar structures
The list of environment variables required to run the verification script.
- instructions
-
- Type: string
Instructions for running the verification script, including prerequisites and how to interpret results.
- scriptType
-
- Type: string
The type of script. Valid values are python and bash.
- scriptUrl
-
- Type: string
URL to download the verification script.
VerificationScriptEnvVar
Description
Represents an environment variable required to run a verification script.
Members
- name
-
- Type: string
The name of the environment variable.
- value
-
- Type: string
The value of the environment variable.
VpcConfig
Description
The VPC configuration for a pentest, specifying the VPC, security groups, and subnets to use during testing.
Members
- securityGroupArns
-
- Type: Array of strings
The Amazon Resource Names (ARNs) of the security groups for the VPC configuration.
- subnetArns
-
- Type: Array of strings
The Amazon Resource Names (ARNs) of the subnets for the VPC configuration.
- vpcArn
-
- Type: string
The Amazon Resource Name (ARN) of the VPC.