SecurityAgent / Client / batch_get_pentest_jobs
batch_get_pentest_jobs¶
- SecurityAgent.Client.batch_get_pentest_jobs(**kwargs)¶
Retrieves multiple pentest jobs in a single request
See also: AWS API Documentation
Request Syntax
response = client.batch_get_pentest_jobs( pentestJobIds=[ 'string', ], agentSpaceId='string' )
- Parameters:
pentestJobIds (list) –
[REQUIRED]
List of pentest job IDs to retrieve
(string) –
agentSpaceId (string) –
[REQUIRED]
ID of the agent space where the pentest exists
- Return type:
dict
- Returns:
Response Syntax
{ 'pentestJobs': [ { 'pentestJobId': 'string', 'pentestId': 'string', 'title': 'string', 'overview': 'string', 'status': 'IN_PROGRESS'|'STOPPING'|'STOPPED'|'FAILED'|'COMPLETED', 'endpoints': [ { 'uri': 'string' }, ], 'actors': [ { 'identifier': 'string', 'uris': [ 'string', ], 'authentication': { 'providerType': 'SECRETS_MANAGER'|'AWS_LAMBDA'|'AWS_IAM_ROLE'|'AWS_INTERNAL', 'value': 'string' }, 'description': 'string' }, ], 'documents': [ { 's3Location': 'string', 'artifactId': 'string' }, ], 'sourceCode': [ { 's3Location': 'string' }, ], 'excludePaths': [ { 'uri': 'string' }, ], 'allowedDomains': [ { 'uri': 'string' }, ], 'excludeRiskTypes': [ 'CROSS_SITE_SCRIPTING'|'DEFAULT_CREDENTIALS'|'INSECURE_DIRECT_OBJECT_REFERENCE'|'PRIVILEGE_ESCALATION'|'SERVER_SIDE_TEMPLATE_INJECTION'|'COMMAND_INJECTION'|'CODE_INJECTION'|'SQL_INJECTION'|'ARBITRARY_FILE_UPLOAD'|'INSECURE_DESERIALIZATION'|'LOCAL_FILE_INCLUSION'|'INFORMATION_DISCLOSURE'|'PATH_TRAVERSAL'|'SERVER_SIDE_REQUEST_FORGERY'|'JSON_WEB_TOKEN_VULNERABILITIES'|'XML_EXTERNAL_ENTITY'|'FILE_DELETION'|'OTHER'|'GRAPHQL_VULNERABILITIES'|'BUSINESS_LOGIC_VULNERABILITIES'|'CRYPTOGRAPHIC_VULNERABILITIES'|'DENIAL_OF_SERVICE'|'FILE_ACCESS'|'FILE_CREATION'|'DATABASE_MODIFICATION'|'DATABASE_ACCESS'|'OUTBOUND_SERVICE_REQUEST'|'UNKNOWN', ], 'steps': [ { 'name': 'PREFLIGHT'|'STATIC_ANALYSIS'|'PENTEST'|'FINALIZING', 'status': 'NOT_STARTED'|'IN_PROGRESS'|'COMPLETED'|'FAILED'|'STOPPED', 'createdAt': datetime(2015, 1, 1), 'updatedAt': datetime(2015, 1, 1) }, ], 'executionContext': [ { 'contextType': 'ERROR'|'CLIENT_ERROR'|'WARNING'|'INFO', 'context': 'string', 'timestamp': datetime(2015, 1, 1) }, ], 'serviceRole': 'string', 'logConfig': { 'logGroup': 'string', 'logStream': 'string' }, 'vpcConfig': { 'vpcArn': 'string', 'securityGroupArns': [ 'string', ], 'subnetArns': [ 'string', ] }, 'networkTrafficConfig': { 'rules': [ { 'effect': 'ALLOW'|'DENY', 'pattern': 'string', 'networkTrafficRuleType': 'URL' }, ], 'customHeaders': [ { 'name': 'string', 'value': 'string' }, ] }, 'errorInformation': { 'code': 'CLIENT_ERROR'|'INTERNAL_ERROR'|'STOPPED_BY_USER', 'message': 'string' }, 'integratedRepositories': [ { 'integrationId': 'string', 'providerResourceId': 'string' }, ], 'codeRemediationStrategy': 'AUTOMATIC'|'DISABLED', 'createdAt': datetime(2015, 1, 1), 'updatedAt': datetime(2015, 1, 1) }, ], 'notFound': [ 'string', ] }
Response Structure
(dict) –
Output for the BatchGetPentestJobs operation
pentestJobs (list) –
List of successfully retrieved pentest jobs
(dict) –
Represents a pentest job
pentestJobId (string) –
Unique identifier of the pentest job
pentestId (string) –
Identifier of the parent pentest
title (string) –
Title or name of the pentest
overview (string) –
Overview or description of the pentest job
status (string) –
Current status of the pentest job
endpoints (list) –
List of web application endpoints to test
(dict) –
Represents a web application endpoint to be tested
uri (string) –
URI of the endpoint to test
actors (list) –
List of actors that interact with the system
(dict) –
Represents an entity that interacts with the system during security testing
identifier (string) –
Unique identifier for the actor (case-insensitive)
uris (list) –
List of URIs accessible with the actor’s credentials
(string) –
authentication (dict) –
Authentication information used by the actor to access resources
providerType (string) –
Provider type for the authentication credentials
value (string) –
Authentication credential value or reference
description (string) –
Additional description or details about the actor
documents (list) –
List of documents providing context for testing
(dict) –
Information about a document relevant to security testing
s3Location (string) –
S3 storage location of the document
artifactId (string) –
Artifact ID of the document
sourceCode (list) –
List of source code repositories for static analysis
(dict) –
Information about a source code repository for static analysis
s3Location (string) –
S3 storage location of the repository
excludePaths (list) –
List of URL paths to exclude from testing
(dict) –
Represents a web application endpoint to be tested
uri (string) –
URI of the endpoint to test
allowedDomains (list) –
List of allowed domains for network access
(dict) –
Represents a web application endpoint to be tested
uri (string) –
URI of the endpoint to test
excludeRiskTypes (list) –
A list of risk types excluded from the pentest job
(string) –
Type of security risk
steps (list) –
List of execution steps for the pentest job
(dict) –
Represents a single step in pentest job execution
name (string) –
Name of the execution step
status (string) –
Current status of the step
createdAt (datetime) –
Timestamp when the step was created
updatedAt (datetime) –
Timestamp when the step was last updated
executionContext (list) –
A list of execution context messages associated with the pentest job
(dict) –
Additional context about a pentest or task execution
contextType (string) –
The category of context
context (string) –
Context associated with a pentest or task execution
timestamp (datetime) –
Timestamp associated with a pentest or task execution
serviceRole (string) –
Service role ARN for accessing customer resources
logConfig (dict) –
CloudWatch log group and stream prefix where pentest job logs are stored
logGroup (string) –
Name of the CloudWatch log group
logStream (string) –
Name of the CloudWatch log stream
vpcConfig (dict) –
VPC configuration that the Security Agent accesses
vpcArn (string) –
ARN or ID of the customer VPC
securityGroupArns (list) –
List of security group ARNs or IDs in the customer VPC
(string) –
ARN or ID of a security group
subnetArns (list) –
List of subnet ARNs or IDs in the customer VPC
(string) –
ARN or ID of a subnet
networkTrafficConfig (dict) –
Configuration for network traffic filtering
rules (list) –
Traffic filtering rules
(dict) –
Network traffic filtering rule
effect (string) –
Action to take when the rule matches
pattern (string) –
Pattern to match against
networkTrafficRuleType (string) –
Type of network traffic rule
customHeaders (list) –
Custom headers for requests
(dict) –
Custom headers to be set for network requests
name (string) –
Name of header to set value for
value (string) –
Value to set for header
errorInformation (dict) –
Error information regarding the pentest job
code (string) –
Pentest job failure error code
message (string) –
Pentest job failure error message
integratedRepositories (list) –
List of integrated code repositories
(dict) –
Information about an integrated repository
integrationId (string) –
Integration identifier
providerResourceId (string) –
External provider resource identifier, e.g., Github repository identifier
codeRemediationStrategy (string) –
Strategy for code remediation on findings
createdAt (datetime) –
Timestamp when the pentest job was created
updatedAt (datetime) –
Timestamp when the pentest job was last updated
notFound (list) –
List of pentest job IDs that could not be found
(string) –