SDK for PHP V3
AWS Security Agent 2025-09-06
- Client: Aws\SecurityAgent\SecurityAgentClient
- Service ID: securityagent
- Version: 2025-09-06
This page describes the parameters and results for the operations of the AWS Security Agent (2025-09-06), and shows how to use the Aws\SecurityAgent\SecurityAgentClient object to call the described operations. This documentation is specific to the 2025-09-06 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- AddArtifact ( array $params = [] )
- Adds an Artifact for the given agent space
- BatchDeletePentests ( array $params = [] )
- Deletes multiple pentests in a single request
- BatchGetAgentSpaces ( array $params = [] )
- Retrieves multiple agent spaces in a single request
- BatchGetArtifactMetadata ( array $params = [] )
- Retrieve the list of artifact metadata for the given agent space
- BatchGetFindings ( array $params = [] )
- Retrieves multiple findings in a single request
- BatchGetPentestJobTasks ( array $params = [] )
- Retrieves multiple tasks for a pentest job in a single request
- BatchGetPentestJobs ( array $params = [] )
- Retrieves multiple pentest jobs in a single request
- BatchGetPentests ( array $params = [] )
- Retrieves multiple pentests in a single request
- BatchGetTargetDomains ( array $params = [] )
- Retrieves multiple target domains in a single request
- CreateAgentSpace ( array $params = [] )
- Creates an agent space record
- CreateApplication ( array $params = [] )
- Creates a new application
- CreateIntegration ( array $params = [] )
- Creates the Integration of the Security Agent App with an external Provider
- CreateMembership ( array $params = [] )
- Adds a single member to an agent space with specified role
- CreatePentest ( array $params = [] )
- Creates a new pentest configuration
- CreateTargetDomain ( array $params = [] )
- Creates a target domain record
- DeleteAgentSpace ( array $params = [] )
- Deletes an agent space record
- DeleteApplication ( array $params = [] )
- Deletes an application
- DeleteArtifact ( array $params = [] )
- Delete an Artifact from the given agent space
- DeleteIntegration ( array $params = [] )
- Deletes the Integration of the Security Agent App with an external Provider
- DeleteMembership ( array $params = [] )
- Removes a single member associated to an agent space
- DeleteTargetDomain ( array $params = [] )
- Deletes a target domain record
- GetApplication ( array $params = [] )
- Retrieves application details by application ID
- GetArtifact ( array $params = [] )
- Retrieve an Artifact for the given agent space
- GetIntegration ( array $params = [] )
- Gets Integration metadata from the provided id
- InitiateProviderRegistration ( array $params = [] )
- Initiates the registration of Security Agent App for an external Provider
- ListAgentSpaces ( array $params = [] )
- Lists agent spaces
- ListApplications ( array $params = [] )
- Lists all applications in the account
- ListArtifacts ( array $params = [] )
- Lists the artifacts for the associated agent space
- ListDiscoveredEndpoints ( array $params = [] )
- Lists discovered endpoints associated with a pentest job with optional URI prefix filtering
- ListFindings ( array $params = [] )
- Lists findings with filtering and pagination support.
- ListIntegratedResources ( array $params = [] )
- Lists the integrated resources for an agent space
- ListIntegrations ( array $params = [] )
- Retrieves the Integrations associated with the user's account
- ListMemberships ( array $params = [] )
- Lists all members associated to an agent space with pagination support
- ListPentestJobTasks ( array $params = [] )
- Lists tasks associated with a specific pentest job
- ListPentestJobsForPentest ( array $params = [] )
- Lists pentest jobs associated with a pentest
- ListPentests ( array $params = [] )
- Lists pentests with optional filtering by status
- ListTagsForResource ( array $params = [] )
- Lists tags for a Security Agent resource
- ListTargetDomains ( array $params = [] )
- Lists target domains
- StartCodeRemediation ( array $params = [] )
- Starts code remediation for the specified findings
- StartPentestJob ( array $params = [] )
- Initiates the execution of a pentest
- StopPentestJob ( array $params = [] )
- Stops the execution of a running pentest
- TagResource ( array $params = [] )
- Adds tags to a Security Agent resource
- UntagResource ( array $params = [] )
- Removes tags from a Security Agent resource
- UpdateAgentSpace ( array $params = [] )
- Updates an agent space record
- UpdateApplication ( array $params = [] )
- Updates application configuration
- UpdateFinding ( array $params = [] )
- Updates an existing security finding with new details or status
- UpdateIntegratedResources ( array $params = [] )
- Updates the integrated resources for an agent space
- UpdatePentest ( array $params = [] )
- Updates an existing pentest with new configuration or settings
- UpdateTargetDomain ( array $params = [] )
- Updates a target domain record
- VerifyTargetDomain ( array $params = [] )
- Verifies ownership for a registered target domain
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
- ListAgentSpaces
- ListApplications
- ListArtifacts
- ListDiscoveredEndpoints
- ListFindings
- ListIntegratedResources
- ListIntegrations
- ListMemberships
- ListPentestJobTasks
- ListPentestJobsForPentest
- ListPentests
- ListTargetDomains
Operations
AddArtifact
$result = $client->addArtifact([/* ... */]); $promise = $client->addArtifactAsync([/* ... */]);
Adds an Artifact for the given agent space
Parameter Syntax
$result = $client->addArtifact([
'agentSpaceId' => '<string>', // REQUIRED
'artifactContent' => <string || resource || Psr\Http\Message\StreamInterface>, // REQUIRED
'artifactType' => 'TXT|PNG|JPEG|MD|PDF|DOCX|DOC|JSON|YAML', // REQUIRED
'fileName' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- artifactContent
-
- Required: Yes
- Type: blob (string|resource|Psr\Http\Message\StreamInterface)
Binary content of the artifact
- artifactType
-
- Required: Yes
- Type: string
Type of the artifact file
- fileName
-
- Required: Yes
- Type: string
Name of the artifact file
Result Syntax
[
'artifactId' => '<string>',
]
Result Details
Members
- artifactId
-
- Required: Yes
- Type: string
Unique identifier of the created artifact
Errors
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- InternalServerException:
Unexpected server error occurred
- ResourceNotFoundException:
Specified resource was not found
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
BatchDeletePentests
$result = $client->batchDeletePentests([/* ... */]); $promise = $client->batchDeletePentestsAsync([/* ... */]);
Deletes multiple pentests in a single request
Parameter Syntax
$result = $client->batchDeletePentests([
'agentSpaceId' => '<string>', // REQUIRED
'pentestIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentests exist
- pentestIds
-
- Required: Yes
- Type: Array of strings
List of pentest IDs to delete
Result Syntax
[
'deleted' => [
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'createdAt' => <DateTime>,
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
],
// ...
],
'failed' => [
[
'pentestId' => '<string>',
'reason' => '<string>',
],
// ...
],
]
Result Details
Members
- deleted
-
- Type: Array of Pentest structures
List of successfully deleted pentests
- failed
-
- Type: Array of DeletePentestFailure structures
List of pentests that could not be deleted and the reasons for failure
Errors
There are no errors described for this operation.
BatchGetAgentSpaces
$result = $client->batchGetAgentSpaces([/* ... */]); $promise = $client->batchGetAgentSpacesAsync([/* ... */]);
Retrieves multiple agent spaces in a single request
Parameter Syntax
$result = $client->batchGetAgentSpaces([
'agentSpaceIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceIds
-
- Required: Yes
- Type: Array of strings
List of agent space IDs to retrieve
Result Syntax
[
'agentSpaces' => [
[
'agentSpaceId' => '<string>',
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false,
'generalPurposeScanning' => true || false,
],
'createdAt' => <DateTime>,
'description' => '<string>',
'kmsKeyId' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
'updatedAt' => <DateTime>,
],
// ...
],
'notFound' => ['<string>', ...],
]
Result Details
Members
- agentSpaces
-
- Type: Array of AgentSpace structures
List of agent spaces that were successfully retrieved
- notFound
-
- Type: Array of strings
List of agent space IDs that could not be found
Errors
There are no errors described for this operation.
BatchGetArtifactMetadata
$result = $client->batchGetArtifactMetadata([/* ... */]); $promise = $client->batchGetArtifactMetadataAsync([/* ... */]);
Retrieve the list of artifact metadata for the given agent space
Parameter Syntax
$result = $client->batchGetArtifactMetadata([
'agentSpaceId' => '<string>', // REQUIRED
'artifactIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- artifactIds
-
- Required: Yes
- Type: Array of strings
List of artifact identifiers
Result Syntax
[
'artifactMetadataList' => [
[
'agentSpaceId' => '<string>',
'artifactId' => '<string>',
'fileName' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- artifactMetadataList
-
- Required: Yes
- Type: Array of ArtifactMetadataItem structures
List of artifact metadata
Errors
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- InternalServerException:
Unexpected server error occurred
- ResourceNotFoundException:
Specified resource was not found
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
BatchGetFindings
$result = $client->batchGetFindings([/* ... */]); $promise = $client->batchGetFindingsAsync([/* ... */]);
Retrieves multiple findings in a single request
Parameter Syntax
$result = $client->batchGetFindings([
'agentSpaceId' => '<string>', // REQUIRED
'findingIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the findings exist
- findingIds
-
- Required: Yes
- Type: Array of strings
List of finding IDs to retrieve
Result Syntax
[
'findings' => [
[
'agentSpaceId' => '<string>',
'attackScript' => '<string>',
'codeRemediationTask' => [
'status' => 'IN_PROGRESS|COMPLETED|FAILED',
'statusReason' => '<string>',
'taskDetails' => [
[
'codeDiffLink' => '<string>',
'pullRequestLink' => '<string>',
'repoName' => '<string>',
],
// ...
],
],
'confidence' => 'FALSE_POSITIVE|UNCONFIRMED|LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'findingId' => '<string>',
'lastUpdatedBy' => '<string>',
'name' => '<string>',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'reasoning' => '<string>',
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'riskScore' => '<string>',
'riskType' => '<string>',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
'taskId' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'notFound' => ['<string>', ...],
]
Result Details
Members
- findings
-
- Type: Array of Finding structures
List of successfully retrieved findings
- notFound
-
- Type: Array of strings
List of finding IDs that could not be found
Errors
There are no errors described for this operation.
BatchGetPentestJobTasks
$result = $client->batchGetPentestJobTasks([/* ... */]); $promise = $client->batchGetPentestJobTasksAsync([/* ... */]);
Retrieves multiple tasks for a pentest job in a single request
Parameter Syntax
$result = $client->batchGetPentestJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'taskIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- taskIds
-
- Required: Yes
- Type: Array of strings
List of task IDs to retrieve
Result Syntax
[
'notFound' => ['<string>', ...],
'tasks' => [
[
'agentSpaceId' => '<string>',
'categories' => [
[
'isPrimary' => true || false,
'name' => '<string>',
],
// ...
],
'createdAt' => <DateTime>,
'description' => '<string>',
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'logsLocation' => [
'cloudWatchLog' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'logType' => 'CLOUDWATCH',
],
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'riskType' => 'CROSS_SITE_SCRIPTING|DEFAULT_CREDENTIALS|INSECURE_DIRECT_OBJECT_REFERENCE|PRIVILEGE_ESCALATION|SERVER_SIDE_TEMPLATE_INJECTION|COMMAND_INJECTION|CODE_INJECTION|SQL_INJECTION|ARBITRARY_FILE_UPLOAD|INSECURE_DESERIALIZATION|LOCAL_FILE_INCLUSION|INFORMATION_DISCLOSURE|PATH_TRAVERSAL|SERVER_SIDE_REQUEST_FORGERY|JSON_WEB_TOKEN_VULNERABILITIES|XML_EXTERNAL_ENTITY|FILE_DELETION|OTHER|GRAPHQL_VULNERABILITIES|BUSINESS_LOGIC_VULNERABILITIES|CRYPTOGRAPHIC_VULNERABILITIES|DENIAL_OF_SERVICE|FILE_ACCESS|FILE_CREATION|DATABASE_MODIFICATION|DATABASE_ACCESS|OUTBOUND_SERVICE_REQUEST|UNKNOWN',
'targetEndpoint' => [
'uri' => '<string>',
],
'taskId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
List of task IDs that could not be found
- tasks
-
- Type: Array of Task structures
List of successfully retrieved tasks
Errors
There are no errors described for this operation.
BatchGetPentestJobs
$result = $client->batchGetPentestJobs([/* ... */]); $promise = $client->batchGetPentestJobsAsync([/* ... */]);
Retrieves multiple pentest jobs in a single request
Parameter Syntax
$result = $client->batchGetPentestJobs([
'agentSpaceId' => '<string>', // REQUIRED
'pentestJobIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- pentestJobIds
-
- Required: Yes
- Type: Array of strings
List of pentest job IDs to retrieve
Result Syntax
[
'notFound' => ['<string>', ...],
'pentestJobs' => [
[
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'allowedDomains' => [
[
'uri' => '<string>',
],
// ...
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'createdAt' => <DateTime>,
'documents' => [
[
'artifactId' => '<string>',
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'errorInformation' => [
'code' => 'CLIENT_ERROR|INTERNAL_ERROR|STOPPED_BY_USER',
'message' => '<string>',
],
'excludePaths' => [
[
'uri' => '<string>',
],
// ...
],
'excludeRiskTypes' => ['<string>', ...],
'executionContext' => [
[
'context' => '<string>',
'contextType' => 'ERROR|CLIENT_ERROR|WARNING|INFO',
'timestamp' => <DateTime>,
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'overview' => '<string>',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'serviceRole' => '<string>',
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'steps' => [
[
'createdAt' => <DateTime>,
'name' => 'PREFLIGHT|STATIC_ANALYSIS|PENTEST|FINALIZING',
'status' => 'NOT_STARTED|IN_PROGRESS|COMPLETED|FAILED|STOPPED',
'updatedAt' => <DateTime>,
],
// ...
],
'title' => '<string>',
'updatedAt' => <DateTime>,
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
List of pentest job IDs that could not be found
- pentestJobs
-
- Type: Array of PentestJob structures
List of successfully retrieved pentest jobs
Errors
There are no errors described for this operation.
BatchGetPentests
$result = $client->batchGetPentests([/* ... */]); $promise = $client->batchGetPentestsAsync([/* ... */]);
Retrieves multiple pentests in a single request
Parameter Syntax
$result = $client->batchGetPentests([
'agentSpaceId' => '<string>', // REQUIRED
'pentestIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- pentestIds
-
- Required: Yes
- Type: Array of strings
List of pentest IDs to retrieve
Result Syntax
[
'notFound' => ['<string>', ...],
'pentests' => [
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'createdAt' => <DateTime>,
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
List of pentest IDs that could not be found
- pentests
-
- Type: Array of Pentest structures
List of successfully retrieved pentests
Errors
There are no errors described for this operation.
BatchGetTargetDomains
$result = $client->batchGetTargetDomains([/* ... */]); $promise = $client->batchGetTargetDomainsAsync([/* ... */]);
Retrieves multiple target domains in a single request
Parameter Syntax
$result = $client->batchGetTargetDomains([
'targetDomainIds' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- targetDomainIds
-
- Required: Yes
- Type: Array of strings
List of target domain IDs to retrieve
Result Syntax
[
'notFound' => ['<string>', ...],
'targetDomains' => [
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationDetails' => [
'dnsTxt' => [
'dnsRecordName' => '<string>',
'dnsRecordType' => 'TXT',
'token' => '<string>',
],
'httpRoute' => [
'routePath' => '<string>',
'token' => '<string>',
],
'method' => 'DNS_TXT|HTTP_ROUTE',
],
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'verifiedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- notFound
-
- Type: Array of strings
List of target domain IDs that could not be found
- targetDomains
-
- Type: Array of TargetDomain structures
List of target domains that were successfully retrieved
Errors
There are no errors described for this operation.
CreateAgentSpace
$result = $client->createAgentSpace([/* ... */]); $promise = $client->createAgentSpaceAsync([/* ... */]);
Creates an agent space record
Parameter Syntax
$result = $client->createAgentSpace([
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false, // REQUIRED
'generalPurposeScanning' => true || false, // REQUIRED
],
'description' => '<string>',
'kmsKeyId' => '<string>',
'name' => '<string>', // REQUIRED
'tags' => ['<string>', ...],
'targetDomainIds' => ['<string>', ...],
]);
Parameter Details
Members
- awsResources
-
- Type: AWSResources structure
AWS resource configurations associated with the agent space
- codeReviewSettings
-
- Type: CodeReviewSettings structure
Configuration for code review analysis, including controls scanning and general purpose scanning settings
- description
-
- Type: string
Description of the agent space
- kmsKeyId
-
- Type: string
Identifier of the KMS key used to encrypt data. Can be a key ID, key ARN, alias name, or alias ARN. If not specified, an AWS managed key is used.
- name
-
- Required: Yes
- Type: string
Name of the agent space
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to associate with the agent space
- targetDomainIds
-
- Type: Array of strings
Target domain IDs to associate with the agent space
Result Syntax
[
'agentSpaceId' => '<string>',
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false,
'generalPurposeScanning' => true || false,
],
'createdAt' => <DateTime>,
'description' => '<string>',
'kmsKeyId' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the created agent space
- awsResources
-
- Type: AWSResources structure
AWS resource configurations associated with the agent space
- codeReviewSettings
-
- Type: CodeReviewSettings structure
Configuration for code review analysis, including controls scanning and general purpose scanning settings
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was created
- description
-
- Type: string
Description of the created agent space
- kmsKeyId
-
- Type: string
Identifier of the KMS key used to encrypt data. Can be a key ID, key ARN, alias name, or alias ARN. If not specified, an AWS managed key is used.
- name
-
- Required: Yes
- Type: string
Name of the created agent space
- targetDomainIds
-
- Type: Array of strings
List of target domain IDs registered with the agent space
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was last updated
Errors
There are no errors described for this operation.
CreateApplication
$result = $client->createApplication([/* ... */]); $promise = $client->createApplicationAsync([/* ... */]);
Creates a new application
Parameter Syntax
$result = $client->createApplication([
'defaultKmsKeyId' => '<string>',
'idcInstanceArn' => '<string>',
'roleArn' => '<string>',
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- defaultKmsKeyId
-
- Type: string
Default KMS key identifier used to encrypt application data
- idcInstanceArn
-
- Type: string
ARN of the IAM Identity Center instance used for user authentication. Optional for non-IdC applications
- roleArn
-
- Type: string
ARN of the IAM role that the application uses to access AWS resources on your behalf
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to associate with the application
Result Syntax
[
'applicationId' => '<string>',
]
Result Details
Members
- applicationId
-
- Required: Yes
- Type: string
Application ID
Errors
There are no errors described for this operation.
CreateIntegration
$result = $client->createIntegration([/* ... */]); $promise = $client->createIntegrationAsync([/* ... */]);
Creates the Integration of the Security Agent App with an external Provider
Parameter Syntax
$result = $client->createIntegration([
'input' => [ // REQUIRED
'github' => [
'code' => '<string>', // REQUIRED
'organizationName' => '<string>',
'state' => '<string>', // REQUIRED
],
],
'integrationDisplayName' => '<string>', // REQUIRED
'kmsKeyId' => '<string>',
'provider' => 'GITHUB', // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- input
-
- Required: Yes
- Type: ProviderInput structure
Provider-specific input parameters
- integrationDisplayName
-
- Required: Yes
- Type: string
Display name for the integration
- kmsKeyId
-
- Type: string
KMS key ID for encrypting integration details
- provider
-
- Required: Yes
- Type: string
Provider to integrate with
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to associate with the integration
Result Syntax
[
'integrationId' => '<string>',
]
Result Details
Members
- integrationId
-
- Required: Yes
- Type: string
Unique identifier of the created integration
Errors
- ResourceNotFoundException:
Specified resource was not found
- InternalServerException:
Unexpected server error occurred
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- ConflictException:
Request conflicts with current resource state
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
CreateMembership
$result = $client->createMembership([/* ... */]); $promise = $client->createMembershipAsync([/* ... */]);
Adds a single member to an agent space with specified role
Parameter Syntax
$result = $client->createMembership([
'agentSpaceId' => '<string>', // REQUIRED
'applicationId' => '<string>', // REQUIRED
'config' => [
'user' => [
'role' => 'MEMBER',
],
],
'memberType' => 'USER', // REQUIRED
'membershipId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Agent space identifier
- applicationId
-
- Required: Yes
- Type: string
Application identifier
- config
-
- Type: MembershipConfig structure
Membership details (user or agent specific)
- memberType
-
- Required: Yes
- Type: string
Type of member (USER or AGENT_SPACE)
- membershipId
-
- Required: Yes
- Type: string
Member identifier (userId or agentSpaceId)
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
CreatePentest
$result = $client->createPentest([/* ... */]); $promise = $client->createPentestAsync([/* ... */]);
Creates a new pentest configuration
Parameter Syntax
$result = $client->createPentest([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'serviceRole' => '<string>',
'title' => '<string>', // REQUIRED
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest should be created
- assets
-
- Type: Assets structure
Assets to be tested during the pentest
- codeRemediationStrategy
-
- Type: string
Strategy for code remediation on findings
- excludeRiskTypes
-
- Type: Array of strings
A list of risk types excluded from the pentest execution
- logConfig
-
- Type: CloudWatchLog structure
CloudWatch log group and stream prefix where pentest execution logs are stored
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
Configuration for network traffic filtering
- serviceRole
-
- Type: string
Service role ARN for accessing customer resources
- title
-
- Required: Yes
- Type: string
Title of the pentest
- vpcConfig
-
- Type: VpcConfig structure
VPC configuration that the Security Agent accesses
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'createdAt' => <DateTime>,
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
ID of the agent space where the pentest was created
- assets
-
- Type: Assets structure
Assets to be tested in the created pentest
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was created
- excludeRiskTypes
-
- Type: Array of strings
A list of risk types excluded from the pentest execution
- logConfig
-
- Type: CloudWatchLog structure
CloudWatch log group and stream prefix where pentest execution logs are stored
- pentestId
-
- Type: string
Unique identifier of the created pentest
- serviceRole
-
- Type: string
Service role ARN for accessing customer resources
- title
-
- Type: string
Title of the created pentest
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was last updated
Errors
There are no errors described for this operation.
CreateTargetDomain
$result = $client->createTargetDomain([/* ... */]); $promise = $client->createTargetDomainAsync([/* ... */]);
Creates a target domain record
Parameter Syntax
$result = $client->createTargetDomain([
'tags' => ['<string>', ...],
'targetDomainName' => '<string>', // REQUIRED
'verificationMethod' => 'DNS_TXT|HTTP_ROUTE', // REQUIRED
]);
Parameter Details
Members
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to associate with the target domain
- targetDomainName
-
- Required: Yes
- Type: string
Domain name of the target domain
- verificationMethod
-
- Required: Yes
- Type: string
Verification method for the target domain
Result Syntax
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationDetails' => [
'dnsTxt' => [
'dnsRecordName' => '<string>',
'dnsRecordType' => 'TXT',
'token' => '<string>',
],
'httpRoute' => [
'routePath' => '<string>',
'token' => '<string>',
],
'method' => 'DNS_TXT|HTTP_ROUTE',
],
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'verifiedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was registered
- domainName
-
- Required: Yes
- Type: string
Name of the created target domain
- targetDomainId
-
- Required: Yes
- Type: string
Unique identifier of the created target domain
- verificationDetails
-
- Type: VerificationDetails structure
Verification details to verify registered target domain
- verificationStatus
-
- Required: Yes
- Type: string
Current verification status of the registered target domain
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was last successfully verified
Errors
There are no errors described for this operation.
DeleteAgentSpace
$result = $client->deleteAgentSpace([/* ... */]); $promise = $client->deleteAgentSpaceAsync([/* ... */]);
Deletes an agent space record
Parameter Syntax
$result = $client->deleteAgentSpace([
'agentSpaceId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space to delete
Result Syntax
[
'agentSpaceId' => '<string>',
]
Result Details
Members
- agentSpaceId
-
- Type: string
Unique identifier of the deleted agent space
Errors
There are no errors described for this operation.
DeleteApplication
$result = $client->deleteApplication([/* ... */]); $promise = $client->deleteApplicationAsync([/* ... */]);
Deletes an application
Parameter Syntax
$result = $client->deleteApplication([
'applicationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- applicationId
-
- Required: Yes
- Type: string
Application ID
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
DeleteArtifact
$result = $client->deleteArtifact([/* ... */]); $promise = $client->deleteArtifactAsync([/* ... */]);
Delete an Artifact from the given agent space
Parameter Syntax
$result = $client->deleteArtifact([
'agentSpaceId' => '<string>', // REQUIRED
'artifactId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- artifactId
-
- Required: Yes
- Type: string
Unique identifier of the artifact
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
Specified resource was not found
- InternalServerException:
Unexpected server error occurred
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
DeleteIntegration
$result = $client->deleteIntegration([/* ... */]); $promise = $client->deleteIntegrationAsync([/* ... */]);
Deletes the Integration of the Security Agent App with an external Provider
Parameter Syntax
$result = $client->deleteIntegration([
'integrationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- integrationId
-
- Required: Yes
- Type: string
Unique identifier of the integration
Result Syntax
[]
Result Details
Errors
- ResourceNotFoundException:
Specified resource was not found
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- InternalServerException:
Unexpected server error occurred
- ConflictException:
Request conflicts with current resource state
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
DeleteMembership
$result = $client->deleteMembership([/* ... */]); $promise = $client->deleteMembershipAsync([/* ... */]);
Removes a single member associated to an agent space
Parameter Syntax
$result = $client->deleteMembership([
'agentSpaceId' => '<string>', // REQUIRED
'applicationId' => '<string>', // REQUIRED
'memberType' => 'USER',
'membershipId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Agent space identifier
- applicationId
-
- Required: Yes
- Type: string
Application identifier
- memberType
-
- Type: string
Type of member (USER or AGENT_SPACE)
- membershipId
-
- Required: Yes
- Type: string
Member identifier (userId or agentSpaceId)
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
DeleteTargetDomain
$result = $client->deleteTargetDomain([/* ... */]); $promise = $client->deleteTargetDomainAsync([/* ... */]);
Deletes a target domain record
Parameter Syntax
$result = $client->deleteTargetDomain([
'targetDomainId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- targetDomainId
-
- Required: Yes
- Type: string
Unique identifier of the target domain to delete
Result Syntax
[
'targetDomainId' => '<string>',
]
Result Details
Members
- targetDomainId
-
- Type: string
Unique identifier of the deleted target domain
Errors
There are no errors described for this operation.
GetApplication
$result = $client->getApplication([/* ... */]); $promise = $client->getApplicationAsync([/* ... */]);
Retrieves application details by application ID
Parameter Syntax
$result = $client->getApplication([
'applicationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- applicationId
-
- Required: Yes
- Type: string
Application ID
Result Syntax
[
'applicationId' => '<string>',
'applicationName' => '<string>',
'defaultKmsKeyId' => '<string>',
'domain' => '<string>',
'idcConfiguration' => [
'idcApplicationArn' => '<string>',
'idcInstanceArn' => '<string>',
],
'roleArn' => '<string>',
]
Result Details
Members
- applicationId
-
- Required: Yes
- Type: string
Application ID
- applicationName
-
- Type: string
Name of the application, automatically assigned by the service
- defaultKmsKeyId
-
- Type: string
Default KMS key identifier used to encrypt application data
- domain
-
- Required: Yes
- Type: string
Domain where the application is available
- idcConfiguration
-
- Type: IdCConfiguration structure
IAM Identity Center configuration for the application
- roleArn
-
- Type: string
ARN of the IAM role that the application uses to access AWS resources on your behalf
Errors
There are no errors described for this operation.
GetArtifact
$result = $client->getArtifact([/* ... */]); $promise = $client->getArtifactAsync([/* ... */]);
Retrieve an Artifact for the given agent space
Parameter Syntax
$result = $client->getArtifact([
'agentSpaceId' => '<string>', // REQUIRED
'artifactId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- artifactId
-
- Required: Yes
- Type: string
Unique identifier of the artifact
Result Syntax
[
'agentSpaceId' => '<string>',
'artifact' => [
'contents' => '<string>',
'type' => 'TXT|PNG|JPEG|MD|PDF|DOCX|DOC|JSON|YAML',
],
'artifactId' => '<string>',
'fileName' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- artifact
-
- Required: Yes
- Type: Artifact structure
Artifact details
- artifactId
-
- Required: Yes
- Type: string
Unique identifier of the artifact
- fileName
-
- Required: Yes
- Type: string
Name of the artifact file
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the artifact was last updated
Errors
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- InternalServerException:
Unexpected server error occurred
- ResourceNotFoundException:
Specified resource was not found
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
GetIntegration
$result = $client->getIntegration([/* ... */]); $promise = $client->getIntegrationAsync([/* ... */]);
Gets Integration metadata from the provided id
Parameter Syntax
$result = $client->getIntegration([
'integrationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- integrationId
-
- Required: Yes
- Type: string
Unique identifier of the integration
Result Syntax
[
'displayName' => '<string>',
'installationId' => '<string>',
'integrationId' => '<string>',
'kmsKeyId' => '<string>',
'provider' => 'GITHUB',
'providerType' => 'SOURCE_CODE|DOCUMENTATION',
]
Result Details
Members
- displayName
-
- Type: string
Display name for the integration
- installationId
-
- Required: Yes
- Type: string
Installation identifier from the provider
- integrationId
-
- Required: Yes
- Type: string
Unique identifier of the integration
- kmsKeyId
-
- Type: string
KMS key ID for encrypting integration details
- provider
-
- Required: Yes
- Type: string
Provider type
- providerType
-
- Required: Yes
- Type: string
Type of provider integration
Errors
- ResourceNotFoundException:
Specified resource was not found
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- InternalServerException:
Unexpected server error occurred
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
InitiateProviderRegistration
$result = $client->initiateProviderRegistration([/* ... */]); $promise = $client->initiateProviderRegistrationAsync([/* ... */]);
Initiates the registration of Security Agent App for an external Provider
Parameter Syntax
$result = $client->initiateProviderRegistration([
'provider' => 'GITHUB', // REQUIRED
]);
Parameter Details
Members
- provider
-
- Required: Yes
- Type: string
Provider to register with
Result Syntax
[
'csrfState' => '<string>',
'redirectTo' => '<string>',
]
Result Details
Members
- csrfState
-
- Required: Yes
- Type: string
CSRF state token for OAuth security
- redirectTo
-
- Required: Yes
- Type: string
OAuth redirect URL
Errors
- ResourceNotFoundException:
Specified resource was not found
- InternalServerException:
Unexpected server error occurred
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- ConflictException:
Request conflicts with current resource state
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
ListAgentSpaces
$result = $client->listAgentSpaces([/* ... */]); $promise = $client->listAgentSpacesAsync([/* ... */]);
Lists agent spaces
Parameter Syntax
$result = $client->listAgentSpaces([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
Maximum number of agent spaces to return
- nextToken
-
- Type: string
Token for pagination
Result Syntax
[
'agentSpaceSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'name' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- agentSpaceSummaries
-
- Type: Array of AgentSpaceSummary structures
List of agent space summaries
- nextToken
-
- Type: string
Token for next page of results
Errors
There are no errors described for this operation.
ListApplications
$result = $client->listApplications([/* ... */]); $promise = $client->listApplicationsAsync([/* ... */]);
Lists all applications in the account
Parameter Syntax
$result = $client->listApplications([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
Maximum number of results to return
- nextToken
-
- Type: string
Token for pagination
Result Syntax
[
'applicationSummaries' => [
[
'applicationId' => '<string>',
'applicationName' => '<string>',
'defaultKmsKeyId' => '<string>',
'domain' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- applicationSummaries
-
- Required: Yes
- Type: Array of ApplicationSummary structures
List of application summaries
- nextToken
-
- Type: string
Token for next page of results
Errors
There are no errors described for this operation.
ListArtifacts
$result = $client->listArtifacts([/* ... */]); $promise = $client->listArtifactsAsync([/* ... */]);
Lists the artifacts for the associated agent space
Parameter Syntax
$result = $client->listArtifacts([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- maxResults
-
- Type: int
Maximum number of results to return
- nextToken
-
- Type: string
Token for pagination
Result Syntax
[
'artifactSummaries' => [
[
'artifactId' => '<string>',
'artifactType' => 'TXT|PNG|JPEG|MD|PDF|DOCX|DOC|JSON|YAML',
'fileName' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- artifactSummaries
-
- Required: Yes
- Type: Array of ArtifactSummary structures
List of artifact summaries
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
Errors
- InternalServerException:
Unexpected server error occurred
- ResourceNotFoundException:
Specified resource was not found
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
ListDiscoveredEndpoints
$result = $client->listDiscoveredEndpoints([/* ... */]); $promise = $client->listDiscoveredEndpointsAsync([/* ... */]);
Lists discovered endpoints associated with a pentest job with optional URI prefix filtering
Parameter Syntax
$result = $client->listDiscoveredEndpoints([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
'pentestJobId' => '<string>', // REQUIRED
'prefix' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest job exists
- maxResults
-
- Type: int
Maximum number of discovered endpoints to return in a single request (default: 50)
- nextToken
-
- Type: string
Token for pagination
- pentestJobId
-
- Required: Yes
- Type: string
Identifier of the pentest job for which to retrieve discovered endpoints
- prefix
-
- Type: string
Optional URI prefix filter to narrow down results
Result Syntax
[
'discoveredEndpoints' => [
[
'agentSpaceId' => '<string>',
'description' => '<string>',
'evidence' => '<string>',
'operation' => '<string>',
'pentestJobId' => '<string>',
'taskId' => '<string>',
'uri' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- discoveredEndpoints
-
- Type: Array of DiscoveredEndpoint structures
List of discovered endpoints for the pentest job
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
Errors
There are no errors described for this operation.
ListFindings
$result = $client->listFindings([/* ... */]); $promise = $client->listFindingsAsync([/* ... */]);
Lists findings with filtering and pagination support. When filters are applied, the actual number of results returned may be less than the specified limit
Parameter Syntax
$result = $client->listFindings([
'agentSpaceId' => '<string>', // REQUIRED
'confidence' => 'FALSE_POSITIVE|UNCONFIRMED|LOW|MEDIUM|HIGH',
'maxResults' => <integer>,
'name' => '<string>',
'nextToken' => '<string>',
'pentestJobId' => '<string>', // REQUIRED
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'riskType' => '<string>',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest job exists
- confidence
-
- Type: string
Filter findings by confidence level
- maxResults
-
- Type: int
Maximum number of findings to return in a single request (default: 50)
- name
-
- Type: string
Filter findings by name (case-insensitive substring search)
- nextToken
-
- Type: string
Token for pagination
- pentestJobId
-
- Required: Yes
- Type: string
Identifier of the pentest job for which to retrieve associated findings
- riskLevel
-
- Type: string
Filter findings by risk level
- riskType
-
- Type: string
Filter findings by risk type
- status
-
- Type: string
Filter findings by status
Result Syntax
[
'findingsSummaries' => [
[
'agentSpaceId' => '<string>',
'confidence' => 'FALSE_POSITIVE|UNCONFIRMED|LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'findingId' => '<string>',
'name' => '<string>',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'riskType' => '<string>',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- findingsSummaries
-
- Type: Array of FindingSummary structures
List of finding summaries matching the filter criteria
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
Errors
There are no errors described for this operation.
ListIntegratedResources
$result = $client->listIntegratedResources([/* ... */]); $promise = $client->listIntegratedResourcesAsync([/* ... */]);
Lists the integrated resources for an agent space
Parameter Syntax
$result = $client->listIntegratedResources([
'agentSpaceId' => '<string>', // REQUIRED
'integrationId' => '<string>',
'maxResults' => <integer>,
'nextToken' => '<string>',
'resourceType' => 'CODE_REPOSITORY',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- integrationId
-
- Type: string
Filter integrated resources by a specific integration
- maxResults
-
- Type: int
Maximum number of results to return
- nextToken
-
- Type: string
Token for pagination
- resourceType
-
- Type: string
Filter integrated resources by resource type
Result Syntax
[
'integratedResourceSummaries' => [
[
'capabilities' => [
'github' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
],
'integrationId' => '<string>',
'resource' => [
'githubRepository' => [
'accessType' => 'PRIVATE|PUBLIC',
'name' => '<string>',
'owner' => '<string>',
'providerResourceId' => '<string>',
],
],
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- integratedResourceSummaries
-
- Required: Yes
- Type: Array of IntegratedResourceSummary structures
List of integrated resources
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
Errors
- ResourceNotFoundException:
Specified resource was not found
- InternalServerException:
Unexpected server error occurred
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
ListIntegrations
$result = $client->listIntegrations([/* ... */]); $promise = $client->listIntegrationsAsync([/* ... */]);
Retrieves the Integrations associated with the user's account
Parameter Syntax
$result = $client->listIntegrations([
'filter' => [
'provider' => 'GITHUB',
'providerType' => 'SOURCE_CODE|DOCUMENTATION',
],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- filter
-
- Type: IntegrationFilter structure
Filter criteria for integrations
- maxResults
-
- Type: int
Maximum number of results to return
- nextToken
-
- Type: string
Token for pagination
Result Syntax
[
'integrationSummaries' => [
[
'displayName' => '<string>',
'installationId' => '<string>',
'integrationId' => '<string>',
'provider' => 'GITHUB',
'providerType' => 'SOURCE_CODE|DOCUMENTATION',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- integrationSummaries
-
- Required: Yes
- Type: Array of IntegrationSummary structures
List of integration summaries
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
Errors
- ResourceNotFoundException:
Specified resource was not found
- InternalServerException:
Unexpected server error occurred
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
ListMemberships
$result = $client->listMemberships([/* ... */]); $promise = $client->listMembershipsAsync([/* ... */]);
Lists all members associated to an agent space with pagination support
Parameter Syntax
$result = $client->listMemberships([
'agentSpaceId' => '<string>', // REQUIRED
'applicationId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'memberType' => 'USER|ALL',
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Agent space identifier
- applicationId
-
- Required: Yes
- Type: string
Application identifier
- maxResults
-
- Type: int
Maximum number of results to return
- memberType
-
- Type: string
Filter by member type
- nextToken
-
- Type: string
Token for pagination
Result Syntax
[
'membershipSummaries' => [
[
'agentSpaceId' => '<string>',
'applicationId' => '<string>',
'config' => [
'user' => [
'role' => 'MEMBER',
],
],
'createdAt' => <DateTime>,
'createdBy' => '<string>',
'memberType' => 'USER',
'membershipId' => '<string>',
'metadata' => [
'user' => [
'email' => '<string>',
'username' => '<string>',
],
],
'updatedAt' => <DateTime>,
'updatedBy' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- membershipSummaries
-
- Required: Yes
- Type: Array of MembershipSummary structures
List of membership summaries
- nextToken
-
- Type: string
Token for next page of results
Errors
There are no errors described for this operation.
ListPentestJobTasks
$result = $client->listPentestJobTasks([/* ... */]); $promise = $client->listPentestJobTasksAsync([/* ... */]);
Lists tasks associated with a specific pentest job
Parameter Syntax
$result = $client->listPentestJobTasks([
'agentSpaceId' => '<string>', // REQUIRED
'categoryName' => '<string>',
'maxResults' => <integer>,
'nextToken' => '<string>',
'pentestJobId' => '<string>',
'stepName' => 'PREFLIGHT|STATIC_ANALYSIS|PENTEST|FINALIZING',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- categoryName
-
- Type: string
Filter tasks by category name.
- maxResults
-
- Type: int
Maximum number of tasks to return in a single request
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
- pentestJobId
-
- Type: string
Identifier of the pentest job whose tasks to list
- stepName
-
- Type: string
Filter tasks by step name
Result Syntax
[
'nextToken' => '<string>',
'taskSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'executionStatus' => 'IN_PROGRESS|ABORTED|COMPLETED|INTERNAL_ERROR|FAILED',
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'riskType' => 'CROSS_SITE_SCRIPTING|DEFAULT_CREDENTIALS|INSECURE_DIRECT_OBJECT_REFERENCE|PRIVILEGE_ESCALATION|SERVER_SIDE_TEMPLATE_INJECTION|COMMAND_INJECTION|CODE_INJECTION|SQL_INJECTION|ARBITRARY_FILE_UPLOAD|INSECURE_DESERIALIZATION|LOCAL_FILE_INCLUSION|INFORMATION_DISCLOSURE|PATH_TRAVERSAL|SERVER_SIDE_REQUEST_FORGERY|JSON_WEB_TOKEN_VULNERABILITIES|XML_EXTERNAL_ENTITY|FILE_DELETION|OTHER|GRAPHQL_VULNERABILITIES|BUSINESS_LOGIC_VULNERABILITIES|CRYPTOGRAPHIC_VULNERABILITIES|DENIAL_OF_SERVICE|FILE_ACCESS|FILE_CREATION|DATABASE_MODIFICATION|DATABASE_ACCESS|OUTBOUND_SERVICE_REQUEST|UNKNOWN',
'taskId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
- taskSummaries
-
- Type: Array of TaskSummary structures
List of task summaries associated with the specified pentest job
Errors
There are no errors described for this operation.
ListPentestJobsForPentest
$result = $client->listPentestJobsForPentest([/* ... */]); $promise = $client->listPentestJobsForPentestAsync([/* ... */]);
Lists pentest jobs associated with a pentest
Parameter Syntax
$result = $client->listPentestJobsForPentest([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
'pentestId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- maxResults
-
- Type: int
Maximum number of pentest jobs to return in a single request
- nextToken
-
- Type: string
Token for pagination
- pentestId
-
- Required: Yes
- Type: string
Identifier of the pentest for which to retrieve associated jobs
Result Syntax
[
'nextToken' => '<string>',
'pentestJobSummaries' => [
[
'createdAt' => <DateTime>,
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
- pentestJobSummaries
-
- Type: Array of PentestJobSummary structures
List of pentest job summaries associated with the pentest
Errors
There are no errors described for this operation.
ListPentests
$result = $client->listPentests([/* ... */]); $promise = $client->listPentestsAsync([/* ... */]);
Lists pentests with optional filtering by status
Parameter Syntax
$result = $client->listPentests([
'agentSpaceId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- maxResults
-
- Type: int
Maximum number of pentests to return in a single request
- nextToken
-
- Type: string
Token for pagination
Result Syntax
[
'nextToken' => '<string>',
'pentestSummaries' => [
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'pentestId' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
Token for pagination to retrieve the next set of results
- pentestSummaries
-
- Type: Array of PentestSummary structures
List of pentest summaries matching the filter criteria
Errors
There are no errors described for this operation.
ListTagsForResource
$result = $client->listTagsForResource([/* ... */]); $promise = $client->listTagsForResourceAsync([/* ... */]);
Lists tags for a Security Agent resource
Parameter Syntax
$result = $client->listTagsForResource([
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
ARN of the resource to list tags for
Result Syntax
[
'tags' => ['<string>', ...],
]
Result Details
Members
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags associated with the resource
Errors
There are no errors described for this operation.
ListTargetDomains
$result = $client->listTargetDomains([/* ... */]); $promise = $client->listTargetDomainsAsync([/* ... */]);
Lists target domains
Parameter Syntax
$result = $client->listTargetDomains([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
Maximum number of target domains to return
- nextToken
-
- Type: string
Token for pagination
Result Syntax
[
'nextToken' => '<string>',
'targetDomainSummaries' => [
[
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
],
// ...
],
]
Result Details
Members
- nextToken
-
- Type: string
Token for next page of results
- targetDomainSummaries
-
- Type: Array of TargetDomainSummary structures
List of target domain summaries
Errors
There are no errors described for this operation.
StartCodeRemediation
$result = $client->startCodeRemediation([/* ... */]); $promise = $client->startCodeRemediationAsync([/* ... */]);
Starts code remediation for the specified findings
Parameter Syntax
$result = $client->startCodeRemediation([
'agentSpaceId' => '<string>', // REQUIRED
'findingIds' => ['<string>', ...], // REQUIRED
'pentestJobId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest job exists
- findingIds
-
- Required: Yes
- Type: Array of strings
Identifiers of the findings to start code remediation for
- pentestJobId
-
- Required: Yes
- Type: string
Identifier of the pentest job to start code remediation for
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
StartPentestJob
$result = $client->startPentestJob([/* ... */]); $promise = $client->startPentestJobAsync([/* ... */]);
Initiates the execution of a pentest
Parameter Syntax
$result = $client->startPentestJob([
'agentSpaceId' => '<string>', // REQUIRED
'pentestId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- pentestId
-
- Required: Yes
- Type: string
Identifier of the pentest to execute
Result Syntax
[
'agentSpaceId' => '<string>',
'createdAt' => <DateTime>,
'pentestId' => '<string>',
'pentestJobId' => '<string>',
'status' => 'IN_PROGRESS|STOPPING|STOPPED|FAILED|COMPLETED',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
ID of the agent space where the pentest exists
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest job was created
- pentestId
-
- Type: string
Unique identifier of the pentest
- pentestJobId
-
- Type: string
Unique identifier of the pentest job
- status
-
- Type: string
Current status of the pentest job
- title
-
- Type: string
Title of the pentest job
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest job was last updated
Errors
There are no errors described for this operation.
StopPentestJob
$result = $client->stopPentestJob([/* ... */]); $promise = $client->stopPentestJobAsync([/* ... */]);
Stops the execution of a running pentest
Parameter Syntax
$result = $client->stopPentestJob([
'agentSpaceId' => '<string>', // REQUIRED
'pentestJobId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- pentestJobId
-
- Required: Yes
- Type: string
Identifier of the pentest job to stop
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
TagResource
$result = $client->tagResource([/* ... */]); $promise = $client->tagResourceAsync([/* ... */]);
Adds tags to a Security Agent resource
Parameter Syntax
$result = $client->tagResource([
'resourceArn' => '<string>', // REQUIRED
'tags' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
ARN of the resource to tag
- tags
-
- Required: Yes
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to add to the resource
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
UntagResource
$result = $client->untagResource([/* ... */]); $promise = $client->untagResourceAsync([/* ... */]);
Removes tags from a Security Agent resource
Parameter Syntax
$result = $client->untagResource([
'resourceArn' => '<string>', // REQUIRED
'tagKeys' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
ARN of the resource to untag
- tagKeys
-
- Required: Yes
- Type: Array of strings
List of tag keys to remove from the resource
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
UpdateAgentSpace
$result = $client->updateAgentSpace([/* ... */]); $promise = $client->updateAgentSpaceAsync([/* ... */]);
Updates an agent space record
Parameter Syntax
$result = $client->updateAgentSpace([
'agentSpaceId' => '<string>', // REQUIRED
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false, // REQUIRED
'generalPurposeScanning' => true || false, // REQUIRED
],
'description' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space to update
- awsResources
-
- Type: AWSResources structure
AWS resource configurations associated with the agent space
- codeReviewSettings
-
- Type: CodeReviewSettings structure
Configuration for code review analysis, including controls scanning and general purpose scanning settings
- description
-
- Type: string
Description of the agent space
- name
-
- Type: string
Name of the agent space
- targetDomainIds
-
- Type: Array of strings
Target domain IDs to associate with the agent space
Result Syntax
[
'agentSpaceId' => '<string>',
'awsResources' => [
'iamRoles' => ['<string>', ...],
'lambdaFunctionArns' => ['<string>', ...],
'logGroups' => ['<string>', ...],
's3Buckets' => ['<string>', ...],
'secretArns' => ['<string>', ...],
'vpcs' => [
[
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
// ...
],
],
'codeReviewSettings' => [
'controlsScanning' => true || false,
'generalPurposeScanning' => true || false,
],
'createdAt' => <DateTime>,
'description' => '<string>',
'name' => '<string>',
'targetDomainIds' => ['<string>', ...],
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- awsResources
-
- Type: AWSResources structure
AWS resource configurations associated with the agent space
- codeReviewSettings
-
- Type: CodeReviewSettings structure
Configuration for code review analysis, including controls scanning and general purpose scanning settings
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was created
- description
-
- Type: string
Description of the agent space
- name
-
- Required: Yes
- Type: string
Name of the agent space
- targetDomainIds
-
- Type: Array of strings
List of target domain IDs registered with the agent space
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was last updated
Errors
There are no errors described for this operation.
UpdateApplication
$result = $client->updateApplication([/* ... */]); $promise = $client->updateApplicationAsync([/* ... */]);
Updates application configuration
Parameter Syntax
$result = $client->updateApplication([
'applicationId' => '<string>', // REQUIRED
'defaultKmsKeyId' => '<string>',
'roleArn' => '<string>',
]);
Parameter Details
Members
- applicationId
-
- Required: Yes
- Type: string
Application ID
- defaultKmsKeyId
-
- Type: string
Default KMS key identifier. Use an empty string to remove the default KMS key.
- roleArn
-
- Type: string
ARN of the IAM role that the application uses to access AWS resources on your behalf
Result Syntax
[
'applicationId' => '<string>',
]
Result Details
Members
- applicationId
-
- Required: Yes
- Type: string
Application ID
Errors
There are no errors described for this operation.
UpdateFinding
$result = $client->updateFinding([/* ... */]); $promise = $client->updateFindingAsync([/* ... */]);
Updates an existing security finding with new details or status
Parameter Syntax
$result = $client->updateFinding([
'agentSpaceId' => '<string>', // REQUIRED
'findingId' => '<string>', // REQUIRED
'riskLevel' => 'UNKNOWN|INFORMATIONAL|LOW|MEDIUM|HIGH|CRITICAL',
'status' => 'ACTIVE|RESOLVED|ACCEPTED|FALSE_POSITIVE',
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the finding exists
- findingId
-
- Required: Yes
- Type: string
Identifier of the finding to update
- riskLevel
-
- Type: string
Updated severity level of the identified risk
- status
-
- Type: string
Updated status of the finding
Result Syntax
[]
Result Details
Errors
There are no errors described for this operation.
UpdateIntegratedResources
$result = $client->updateIntegratedResources([/* ... */]); $promise = $client->updateIntegratedResourcesAsync([/* ... */]);
Updates the integrated resources for an agent space
Parameter Syntax
$result = $client->updateIntegratedResources([
'agentSpaceId' => '<string>', // REQUIRED
'integrationId' => '<string>', // REQUIRED
'items' => [ // REQUIRED
[
'capabilities' => [
'github' => [
'leaveComments' => true || false,
'remediateCode' => true || false,
],
],
'resource' => [ // REQUIRED
'githubRepository' => [
'name' => '<string>', // REQUIRED
'owner' => '<string>', // REQUIRED
],
],
],
// ...
],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- integrationId
-
- Required: Yes
- Type: string
Unique identifier of the integration
- items
-
- Required: Yes
- Type: Array of IntegratedResourceInputItem structures
List of integrated resources to update
Result Syntax
[]
Result Details
Errors
- ValidationException:
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
- ResourceNotFoundException:
Specified resource was not found
- InternalServerException:
Unexpected server error occurred
- ConflictException:
Request conflicts with current resource state
- ThrottlingException:
Request denied due to throttling
- AccessDeniedException:
Request denied due to insufficient permissions
UpdatePentest
$result = $client->updatePentest([/* ... */]); $promise = $client->updatePentestAsync([/* ... */]);
Updates an existing pentest with new configuration or settings
Parameter Syntax
$result = $client->updatePentest([
'agentSpaceId' => '<string>', // REQUIRED
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>', // REQUIRED
'providerResourceId' => '<string>', // REQUIRED
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'codeRemediationStrategy' => 'AUTOMATIC|DISABLED',
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'networkTrafficConfig' => [
'customHeaders' => [
[
'name' => '<string>',
'value' => '<string>',
],
// ...
],
'rules' => [
[
'effect' => 'ALLOW|DENY',
'networkTrafficRuleType' => 'URL',
'pattern' => '<string>',
],
// ...
],
],
'pentestId' => '<string>', // REQUIRED
'serviceRole' => '<string>',
'title' => '<string>',
'vpcConfig' => [
'securityGroupArns' => ['<string>', ...],
'subnetArns' => ['<string>', ...],
'vpcArn' => '<string>',
],
]);
Parameter Details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- assets
-
- Type: Assets structure
Updated assets to be tested
- codeRemediationStrategy
-
- Type: string
Strategy for code remediation on findings
- excludeRiskTypes
-
- Type: Array of strings
A list of risk types excluded from the pentest execution
- logConfig
-
- Type: CloudWatchLog structure
CloudWatch log group and stream prefix where pentest execution logs are stored
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
Configuration for network traffic filtering
- pentestId
-
- Required: Yes
- Type: string
Identifier of the pentest to update
- serviceRole
-
- Type: string
Updated service role ARN for accessing customer resources
- title
-
- Type: string
New title for the pentest
- vpcConfig
-
- Type: VpcConfig structure
VPC configuration that the Security Agent accesses
Result Syntax
[
'agentSpaceId' => '<string>',
'assets' => [
'actors' => [
[
'authentication' => [
'providerType' => 'SECRETS_MANAGER|AWS_LAMBDA|AWS_IAM_ROLE|AWS_INTERNAL',
'value' => '<string>',
],
'description' => '<string>',
'identifier' => '<string>',
'uris' => ['<string>', ...],
],
// ...
],
'documents' => [
[
'artifactId' => '<string>',
's3Location' => '<string>',
],
// ...
],
'endpoints' => [
[
'uri' => '<string>',
],
// ...
],
'integratedRepositories' => [
[
'integrationId' => '<string>',
'providerResourceId' => '<string>',
],
// ...
],
'sourceCode' => [
[
's3Location' => '<string>',
],
// ...
],
],
'createdAt' => <DateTime>,
'excludeRiskTypes' => ['<string>', ...],
'logConfig' => [
'logGroup' => '<string>',
'logStream' => '<string>',
],
'pentestId' => '<string>',
'serviceRole' => '<string>',
'title' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- agentSpaceId
-
- Type: string
ID of the agent space where the pentest exists
- assets
-
- Type: Assets structure
Assets to be tested in the updated pentest
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was created
- excludeRiskTypes
-
- Type: Array of strings
A list of risk types excluded from the pentest execution
- logConfig
-
- Type: CloudWatchLog structure
CloudWatch log group and stream prefix where pentest execution logs are stored
- pentestId
-
- Type: string
Unique identifier of the updated pentest
- serviceRole
-
- Type: string
Service role ARN for accessing customer resources
- title
-
- Type: string
Title of the updated pentest
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was last updated
Errors
There are no errors described for this operation.
UpdateTargetDomain
$result = $client->updateTargetDomain([/* ... */]); $promise = $client->updateTargetDomainAsync([/* ... */]);
Updates a target domain record
Parameter Syntax
$result = $client->updateTargetDomain([
'targetDomainId' => '<string>', // REQUIRED
'verificationMethod' => 'DNS_TXT|HTTP_ROUTE', // REQUIRED
]);
Parameter Details
Members
- targetDomainId
-
- Required: Yes
- Type: string
Unique identifier of the target domain to update
- verificationMethod
-
- Required: Yes
- Type: string
Verification method for the target domain
Result Syntax
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'targetDomainId' => '<string>',
'verificationDetails' => [
'dnsTxt' => [
'dnsRecordName' => '<string>',
'dnsRecordType' => 'TXT',
'token' => '<string>',
],
'httpRoute' => [
'routePath' => '<string>',
'token' => '<string>',
],
'method' => 'DNS_TXT|HTTP_ROUTE',
],
'verificationStatus' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'verifiedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was registered
- domainName
-
- Required: Yes
- Type: string
Name of the target domain
- targetDomainId
-
- Required: Yes
- Type: string
Unique identifier of the target domain
- verificationDetails
-
- Type: VerificationDetails structure
Verification details to verify registered target domain
- verificationStatus
-
- Required: Yes
- Type: string
Current verification status of the registered target domain
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was last successfully verified
Errors
There are no errors described for this operation.
VerifyTargetDomain
$result = $client->verifyTargetDomain([/* ... */]); $promise = $client->verifyTargetDomainAsync([/* ... */]);
Verifies ownership for a registered target domain
Parameter Syntax
$result = $client->verifyTargetDomain([
'targetDomainId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- targetDomainId
-
- Required: Yes
- Type: string
Unique identifier of the target domain
Result Syntax
[
'createdAt' => <DateTime>,
'domainName' => '<string>',
'status' => 'PENDING|VERIFIED|FAILED|UNREACHABLE',
'targetDomainId' => '<string>',
'updatedAt' => <DateTime>,
'verifiedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was registered
- domainName
-
- Type: string
Name of the registered target domain
- status
-
- Type: string
Current verification status of the registered target domain
- targetDomainId
-
- Type: string
Unique identifier of the target domain
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was last updated
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was last successfully verified
Errors
There are no errors described for this operation.
Shapes
AWSResources
Description
AWS resource configurations associated with the agent space
Members
- iamRoles
-
- Type: Array of strings
IAM role ARNs that the Security Agent can assume to access customer resources
- lambdaFunctionArns
-
- Type: Array of strings
Lambda function ARNs or names used to retrieve tester credentials for pentests
- logGroups
-
- Type: Array of strings
CloudWatch log group ARNs or names used to store Security Agent logs
- s3Buckets
-
- Type: Array of strings
S3 bucket ARNs or names used to store Security Agent artifacts
- secretArns
-
- Type: Array of strings
SecretsManager secret ARNs or names used to store tester credentials for pentests
- vpcs
-
- Type: Array of VpcConfig structures
VPC configurations that the Security Agent accesses in the customer environment
AccessDeniedException
Description
Request denied due to insufficient permissions
Members
- message
-
- Required: Yes
- Type: string
Error description
Actor
Description
Represents an entity that interacts with the system during security testing
Members
- authentication
-
- Type: Authentication structure
Authentication information used by the actor to access resources
- description
-
- Type: string
Additional description or details about the actor
- identifier
-
- Type: string
Unique identifier for the actor (case-insensitive)
- uris
-
- Type: Array of strings
List of URIs accessible with the actor's credentials
AgentSpace
Description
Agent space structure
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- awsResources
-
- Type: AWSResources structure
AWS resource configurations
- codeReviewSettings
-
- Type: CodeReviewSettings structure
Configuration for code review analysis, including controls scanning and general purpose scanning settings
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was created
- description
-
- Type: string
Description of the agent space
- kmsKeyId
-
- Type: string
Identifier of the KMS key used to encrypt data. Can be a key ID, key ARN, alias name, or alias ARN. If not specified, an AWS managed key is used.
- name
-
- Required: Yes
- Type: string
Name of the agent space
- targetDomainIds
-
- Type: Array of strings
List of target domain IDs registered with the agent space
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was last updated
AgentSpaceSummary
Description
Summary information for an agent space
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was created
- name
-
- Required: Yes
- Type: string
Name of the agent space
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the agent space was last updated
ApplicationSummary
Description
Application summary for list operations
Members
- applicationId
-
- Required: Yes
- Type: string
Unique identifier of the application
- applicationName
-
- Required: Yes
- Type: string
Name of the application, automatically assigned by the service
- defaultKmsKeyId
-
- Type: string
Default KMS key identifier used to encrypt application data
- domain
-
- Required: Yes
- Type: string
Domain where the application is available
Artifact
Description
Files containing relevant data for review
Members
- contents
-
- Required: Yes
- Type: string
The content of the artifact
- type
-
- Required: Yes
- Type: string
The file type of the artifact
ArtifactMetadataItem
Description
Metadata in relation to the artifact
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Unique identifier of the agent space
- artifactId
-
- Required: Yes
- Type: string
Unique identifier of the artifact
- fileName
-
- Required: Yes
- Type: string
Name of the artifact file
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the artifact was last updated
ArtifactSummary
Description
Summary information about an artifact
Members
- artifactId
-
- Required: Yes
- Type: string
Unique identifier of the artifact
- artifactType
-
- Required: Yes
- Type: string
Type of the artifact file
- fileName
-
- Required: Yes
- Type: string
Name of the artifact file
Assets
Description
Collection of assets to be tested or used during a pentest
Members
- actors
-
- Type: Array of Actor structures
List of actors that interact with the system
- documents
-
- Type: Array of DocumentInfo structures
List of documents providing context for testing
- endpoints
-
- Type: Array of Endpoint structures
List of web application endpoints to test
- integratedRepositories
-
- Type: Array of IntegratedRepository structures
List of integrated code repositories
- sourceCode
-
- Type: Array of SourceCodeRepository structures
List of source code repositories for static analysis
Authentication
Description
Authentication information used to access protected resources
Members
- providerType
-
- Type: string
Provider type for the authentication credentials
- value
-
- Type: string
Authentication credential value or reference
Category
Description
Represents a category classification for tasks
Members
- isPrimary
-
- Type: boolean
Whether this is the primary category for the task
- name
-
- Type: string
Name of the category
CloudWatchLog
Description
Reference to logs stored in CloudWatch
Members
- logGroup
-
- Type: string
Name of the CloudWatch log group
- logStream
-
- Type: string
Name of the CloudWatch log stream
CodeRemediationTask
Description
Information about task for code remediation
Members
- status
-
- Required: Yes
- Type: string
Current status of the code remediation task
- statusReason
-
- Type: string
Reason for the current code remediation task status
- taskDetails
-
- Type: Array of CodeRemediationTaskDetails structures
Details of the code remediation for each repository
CodeRemediationTaskDetails
Description
Code remediation details for a single repository
Members
- codeDiffLink
-
- Type: string
Link to the code diff for the remediation
- pullRequestLink
-
- Type: string
Link to the pull request for the remediation
- repoName
-
- Type: string
Name of the repository
CodeReviewSettings
Description
Details of code review settings
Members
- controlsScanning
-
- Required: Yes
- Type: boolean
Whether Controls are utilized for code review analysis
- generalPurposeScanning
-
- Required: Yes
- Type: boolean
Whether general purpose analysis is performed for code review
ConflictException
Description
Request conflicts with current resource state
Members
- message
-
- Required: Yes
- Type: string
Error description
CustomHeader
Description
Custom headers to be set for network requests
Members
- name
-
- Type: string
Name of header to set value for
- value
-
- Type: string
Value to set for header
DeletePentestFailure
Description
Information about a failed pentest deletion attempt
Members
- pentestId
-
- Type: string
Identifier of the pentest that failed to delete
- reason
-
- Type: string
Reason for the deletion failure
DiscoveredEndpoint
Description
Represents a discovered endpoint during pentest execution
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Identifier of the agent space where the endpoint was discovered
- description
-
- Type: string
Additional description of the endpoint
- evidence
-
- Type: string
Optional evidence or additional information about the endpoint
- operation
-
- Type: string
Operation or action associated with the endpoint
- pentestJobId
-
- Required: Yes
- Type: string
Identifier of the pentest job that discovered this endpoint
- taskId
-
- Required: Yes
- Type: string
Identifier of the task that discovered this endpoint
- uri
-
- Required: Yes
- Type: string
The URI of the discovered endpoint
DnsVerification
Description
Represents dns txt verification details
Members
- dnsRecordName
-
- Type: string
Record name to be added in DNS for target domain
- dnsRecordType
-
- Type: string
Type of record to be added in DNS for target domain
- token
-
- Type: string
Token used to verify domain ownership
DocumentInfo
Description
Information about a document relevant to security testing
Members
- artifactId
-
- Type: string
Artifact ID of the document
- s3Location
-
- Type: string
S3 storage location of the document
Endpoint
Description
Represents a web application endpoint to be tested
Members
- uri
-
- Type: string
URI of the endpoint to test
ErrorInformation
Description
Error information regarding the pentest job
Members
- code
-
- Type: string
Pentest job failure error code
- message
-
- Type: string
Pentest job failure error message
ExecutionContext
Description
Additional context about a pentest or task execution
Members
- context
-
- Type: string
Context associated with a pentest or task execution
- contextType
-
- Type: string
The category of context
- timestamp
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp associated with a pentest or task execution
Finding
Description
Represents a security vulnerability or issue discovered during testing
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Identifier of the agent space that created this finding
- attackScript
-
- Type: string
Proof-of-concept code demonstrating the vulnerability
- codeRemediationTask
-
- Type: CodeRemediationTask structure
Code remediation task associated with this finding
- confidence
-
- Type: string
Confidence level of the finding
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the finding was created
- description
-
- Type: string
Detailed description of the security vulnerability
- findingId
-
- Required: Yes
- Type: string
Unique identifier for the finding
- lastUpdatedBy
-
- Type: string
Identifier of the task or agent that last updated this finding
- name
-
- Type: string
Name or title of the finding
- pentestId
-
- Type: string
Identifier of the parent pentest
- pentestJobId
-
- Type: string
Identifier of the pentest job
- reasoning
-
- Type: string
Justification for the assigned risk score
- riskLevel
-
- Type: string
Severity level of the identified risk
- riskScore
-
- Type: string
Risk score associated with the finding
- riskType
-
- Type: string
Type of security risk identified
- status
-
- Type: string
Current status of the finding
- taskId
-
- Type: string
Identifier of the associated task
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the finding was last updated
FindingSummary
Description
Summary information for a security finding
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Identifier of the agent space that created this finding
- confidence
-
- Type: string
Confidence level of the finding
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the finding was created
- findingId
-
- Required: Yes
- Type: string
Unique identifier for the finding
- name
-
- Type: string
Name or title of the finding
- pentestId
-
- Type: string
Identifier of the parent pentest
- pentestJobId
-
- Type: string
Identifier of the pentest job
- riskLevel
-
- Type: string
Severity level of the identified risk
- riskType
-
- Type: string
Type of security risk identified
- status
-
- Type: string
Current status of the finding
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the finding was last updated
GitHubIntegrationInput
Description
Input parameters for GitHub integration
Members
- code
-
- Required: Yes
- Type: string
Authorization code from OAuth flow
- organizationName
-
- Type: string
Name of the GitHub organization
- state
-
- Required: Yes
- Type: string
CSRF state token for OAuth security
GitHubRepositoryMetadata
Description
Metadata specific to a GitHub repository integrated resource
Members
- accessType
-
- Type: string
Access / Visibility Type of the integrated resource
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc
- owner
-
- Required: Yes
- Type: string
Owner of the repository
- providerResourceId
-
- Required: Yes
- Type: string
Unique resource identifier from the vendor
GitHubRepositoryResource
Description
GitHub repository resource details
Members
- name
-
- Required: Yes
- Type: string
Name of the resource e.g. repository name, etc
- owner
-
- Required: Yes
- Type: string
Owner of the repository
GitHubResourceCapabilities
Description
Capabilities for GitHub repositories
Members
- leaveComments
-
- Type: boolean
Post code review comments on pull requests
- remediateCode
-
- Type: boolean
Create pull requests with automated fixes
HttpVerification
Description
Represents http route verification details
Members
- routePath
-
- Type: string
Route path where verification token should be placed
- token
-
- Type: string
Token used to verify domain ownership
IdCConfiguration
Description
IdC configuration containing application and instance ARNs
Members
- idcApplicationArn
-
- Type: string
ARN of the IAM Identity Center application associated with this application
- idcInstanceArn
-
- Type: string
ARN of the IAM Identity Center instance used for user authentication
IntegratedRepository
Description
Information about an integrated repository
Members
- integrationId
-
- Required: Yes
- Type: string
Integration identifier
- providerResourceId
-
- Required: Yes
- Type: string
External provider resource identifier, e.g., Github repository identifier
IntegratedResource
Description
Integrated resource details from a provider
Members
- githubRepository
-
- Type: GitHubRepositoryResource structure
GitHub repository resource
IntegratedResourceInputItem
Description
Input item for updating an integrated resource
Members
- capabilities
-
- Type: ProviderResourceCapabilities structure
Provider-specific capabilities for the resource
- resource
-
- Required: Yes
- Type: IntegratedResource structure
Configuration of the resource
IntegratedResourceMetadata
Description
Metadata about an integrated resource
Members
- githubRepository
-
- Type: GitHubRepositoryMetadata structure
Metadata for a GitHub repository resource
IntegratedResourceSummary
Description
Summary information about an integrated resource
Members
- capabilities
-
- Type: ProviderResourceCapabilities structure
Capabilities of the integrated resource
- integrationId
-
- Required: Yes
- Type: string
Unique identifier of the integration
- resource
-
- Required: Yes
- Type: IntegratedResourceMetadata structure
The integrated resource details
IntegrationFilter
Description
Filter criteria for integrations
Members
- provider
-
- Type: string
Filter by provider
- providerType
-
- Type: string
Filter by provider type
IntegrationSummary
Description
Summary information about an integration
Members
- displayName
-
- Required: Yes
- Type: string
Display name for the integration
- installationId
-
- Required: Yes
- Type: string
Installation identifier from the provider
- integrationId
-
- Required: Yes
- Type: string
Unique identifier of the integration
- provider
-
- Required: Yes
- Type: string
Provider type
- providerType
-
- Required: Yes
- Type: string
Type of provider integration
InternalServerException
Description
Unexpected server error occurred
Members
- message
-
- Required: Yes
- Type: string
Error description
LogLocation
Description
Location information for execution logs
Members
- cloudWatchLog
-
- Type: CloudWatchLog structure
CloudWatch log information if logs are stored in CloudWatch
- logType
-
- Type: string
Type of log storage
MemberMetadata
Description
Metadata associated with the member
Members
- user
-
- Type: UserMetadata structure
User metadata for USER members
MembershipConfig
Description
Member-specific configuration
Members
- user
-
- Type: UserConfig structure
Configuration for user members
MembershipSummary
Description
Membership summary for list operations
Members
- agentSpaceId
-
- Required: Yes
- Type: string
Agent space identifier
- applicationId
-
- Required: Yes
- Type: string
Application identifier
- config
-
- Type: MembershipConfig structure
Configuration specific to the member type
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the membership was created (ISO 8601)
- createdBy
-
- Required: Yes
- Type: string
User ID who created the membership
- memberType
-
- Required: Yes
- Type: string
Type of member
- membershipId
-
- Required: Yes
- Type: string
Member identifier (userId or agentSpaceId)
- metadata
-
- Type: MemberMetadata structure
Member-specific metadata
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the membership was last updated (ISO 8601)
- updatedBy
-
- Required: Yes
- Type: string
User ID who last updated the membership
NetworkTrafficConfig
Description
Configuration for network traffic filtering
Members
- customHeaders
-
- Type: Array of CustomHeader structures
Custom headers for requests
- rules
-
- Type: Array of NetworkTrafficRule structures
Traffic filtering rules
NetworkTrafficRule
Description
Network traffic filtering rule
Members
- effect
-
- Type: string
Action to take when the rule matches
- networkTrafficRuleType
-
- Type: string
Type of network traffic rule
- pattern
-
- Type: string
Pattern to match against
Pentest
Description
Represents a pentest configuration and execution details
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- assets
-
- Required: Yes
- Type: Assets structure
Collection of assets to be tested or used during the pentest
- codeRemediationStrategy
-
- Type: string
Strategy for code remediation on findings
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was created
- excludeRiskTypes
-
- Type: Array of strings
A list of risk types excluded from the pentest execution
- logConfig
-
- Type: CloudWatchLog structure
CloudWatch log group and stream prefix where pentest execution logs are stored
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
Configuration for network traffic filtering
- pentestId
-
- Required: Yes
- Type: string
Unique identifier for the pentest
- serviceRole
-
- Type: string
Service role ARN for accessing customer resources
- title
-
- Required: Yes
- Type: string
Title or name of the pentest
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was last updated
- vpcConfig
-
- Type: VpcConfig structure
VPC configuration that the Security Agent accesses
PentestJob
Description
Represents a pentest job
Members
- actors
-
- Type: Array of Actor structures
List of actors that interact with the system
- allowedDomains
-
- Type: Array of Endpoint structures
List of allowed domains for network access
- codeRemediationStrategy
-
- Type: string
Strategy for code remediation on findings
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest job was created
- documents
-
- Type: Array of DocumentInfo structures
List of documents providing context for testing
- endpoints
-
- Type: Array of Endpoint structures
List of web application endpoints to test
- errorInformation
-
- Type: ErrorInformation structure
Error information regarding the pentest job
- excludePaths
-
- Type: Array of Endpoint structures
List of URL paths to exclude from testing
- excludeRiskTypes
-
- Type: Array of strings
A list of risk types excluded from the pentest job
- executionContext
-
- Type: Array of ExecutionContext structures
A list of execution context messages associated with the pentest job
- integratedRepositories
-
- Type: Array of IntegratedRepository structures
List of integrated code repositories
- logConfig
-
- Type: CloudWatchLog structure
CloudWatch log group and stream prefix where pentest job logs are stored
- networkTrafficConfig
-
- Type: NetworkTrafficConfig structure
Configuration for network traffic filtering
- overview
-
- Type: string
Overview or description of the pentest job
- pentestId
-
- Type: string
Identifier of the parent pentest
- pentestJobId
-
- Type: string
Unique identifier of the pentest job
- serviceRole
-
- Type: string
Service role ARN for accessing customer resources
- sourceCode
-
- Type: Array of SourceCodeRepository structures
List of source code repositories for static analysis
- status
-
- Type: string
Current status of the pentest job
- steps
-
- Type: Array of Step structures
List of execution steps for the pentest job
- title
-
- Type: string
Title or name of the pentest
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest job was last updated
- vpcConfig
-
- Type: VpcConfig structure
VPC configuration that the Security Agent accesses
PentestJobSummary
Description
Summary information for a pentest job
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest job was created
- pentestId
-
- Required: Yes
- Type: string
Identifier of the parent pentest
- pentestJobId
-
- Required: Yes
- Type: string
Unique identifier of the pentest job
- status
-
- Type: string
Current status of the pentest job
- title
-
- Type: string
Title or name of the pentest
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest job was last updated
PentestSummary
Description
Summary information for a pentest
Members
- agentSpaceId
-
- Required: Yes
- Type: string
ID of the agent space where the pentest exists
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was created
- pentestId
-
- Required: Yes
- Type: string
Unique identifier for the pentest
- title
-
- Required: Yes
- Type: string
Title or name of the pentest
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the pentest was last updated
ProviderInput
Description
Provider-specific input parameters for integration
Members
- github
-
- Type: GitHubIntegrationInput structure
GitHub integration input
ProviderResourceCapabilities
Description
Provider-specific capabilities for integrated resources
Members
- github
-
- Type: GitHubResourceCapabilities structure
Capabilities for GitHub repositories
ResourceNotFoundException
Description
Specified resource was not found
Members
- message
-
- Required: Yes
- Type: string
Error description
SourceCodeRepository
Description
Information about a source code repository for static analysis
Members
- s3Location
-
- Type: string
S3 storage location of the repository
Step
Description
Represents a single step in pentest job execution
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the step was created
- name
-
- Type: string
Name of the execution step
- status
-
- Type: string
Current status of the step
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the step was last updated
TargetDomain
Description
Represents a target domain
Members
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was registered
- domainName
-
- Required: Yes
- Type: string
Name of the registered target domain
- targetDomainId
-
- Required: Yes
- Type: string
Unique identifier of the target domain
- verificationDetails
-
- Type: VerificationDetails structure
Verification details to verify registered target domain
- verificationStatus
-
- Type: string
Current verification status of the registered target domain
- verifiedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the target domain was last successfully verified
TargetDomainSummary
Description
Summary information for a target domain
Members
- domainName
-
- Required: Yes
- Type: string
Name of the registered target domain
- targetDomainId
-
- Required: Yes
- Type: string
Unique identifier of the target domain
- verificationStatus
-
- Type: string
Current verification status of the registered target domain
Task
Description
Represents a task within a pentest job
Members
- agentSpaceId
-
- Type: string
Identifier of the agent space this task belongs to
- categories
-
- Type: Array of Category structures
List of categories associated with this task
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the task was created
- description
-
- Type: string
Detailed description of the task's purpose and scope
- executionStatus
-
- Type: string
Current status of the task execution
- logsLocation
-
- Type: LogLocation structure
Location of execution logs for auditing and review
- pentestId
-
- Type: string
Identifier of the parent pentest
- pentestJobId
-
- Type: string
Identifier of the pentest job this task belongs to
- riskType
-
- Type: string
Type of security risk this task is designed to test
- targetEndpoint
-
- Type: Endpoint structure
Target endpoint for this security test
- taskId
-
- Required: Yes
- Type: string
Unique identifier for the task
- title
-
- Type: string
Title or name of the task
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the task was last updated
TaskSummary
Description
Summary information for a task
Members
- agentSpaceId
-
- Type: string
Identifier of the agent space this task belongs to
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the task was created
- executionStatus
-
- Type: string
Current status of the task execution
- pentestId
-
- Type: string
Identifier of the parent pentest
- pentestJobId
-
- Type: string
Identifier of the pentest job this task belongs to
- riskType
-
- Type: string
Type of security risk this task is designed to test
- taskId
-
- Required: Yes
- Type: string
Unique identifier for the task
- title
-
- Type: string
Title or name of the task
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
Timestamp when the task was last updated
ThrottlingException
Description
Request denied due to throttling
Members
- message
-
- Required: Yes
- Type: string
Error description
- quotaCode
-
- Type: string
Quota code for throttling limit
- serviceCode
-
- Type: string
Service code for throttling limit
UserConfig
Description
User membership configuration
Members
- role
-
- Type: string
Role of the user associated to the agent space
UserMetadata
Description
User-specific metadata
Members
-
- Required: Yes
- Type: string
User email address
- username
-
- Required: Yes
- Type: string
User name/display name
ValidationException
Description
A standard error for input validation failures. This should be thrown by services when a member of the input structure falls outside of the modeled or documented constraints.
Members
- fieldList
-
- Type: Array of ValidationExceptionField structures
A list of specific failures encountered while validating the input. A member can appear in this list more than once if it failed to satisfy multiple constraints.
- message
-
- Required: Yes
- Type: string
A summary of the validation failure.
ValidationExceptionField
Description
Describes one specific validation failure for an input member.
Members
- message
-
- Required: Yes
- Type: string
A detailed description of the validation failure.
- path
-
- Required: Yes
- Type: string
A JSONPointer expression to the structure member whose value failed to satisfy the modeled constraints.
VerificationDetails
Description
Verification details to verify registered target domain
Members
- dnsTxt
-
- Type: DnsVerification structure
Represents dns txt verification details
- httpRoute
-
- Type: HttpVerification structure
Represents http route verification details
- method
-
- Type: string
Type of domain ownership verification method
VpcConfig
Description
Customer VPC configuration that the Security Agent accesses
Members
- securityGroupArns
-
- Type: Array of strings
List of security group ARNs or IDs in the customer VPC
- subnetArns
-
- Type: Array of strings
List of subnet ARNs or IDs in the customer VPC
- vpcArn
-
- Type: string
ARN or ID of the customer VPC