SecurityAgentClient
AWS Security Agent is a frontier agent that proactively secures your applications throughout the development lifecycle. It conducts automated security reviews tailored to your organizational requirements and delivers context-aware penetration testing on demand. By continuously validating security from design to deployment, AWS Security Agent helps prevent vulnerabilities early across all your environments. Key capabilities include design security review for architecture documents, code security review for pull requests in connected repositories, and on-demand penetration testing that discovers, validates, and remediates security vulnerabilities through tailored multi-step attack scenarios. For more information, see the AWS Security Agent User Guide.
Functions
Uploads an artifact to an agent space. Artifacts provide additional context for security testing, such as architecture diagrams, API specifications, or configuration files.
Batch creates security requirements in a customer managed pack.
Deletes one or more code reviews from an agent space.
Deletes one or more pentests from an agent space.
Batch deletes security requirements from a customer managed pack.
Deletes one or more threat models from an agent space.
Retrieves information about one or more agent spaces.
Retrieves metadata for one or more artifacts in an agent space.
Retrieves information about one or more code review jobs in an agent space.
Retrieves information about one or more tasks within a code review job.
Retrieves information about one or more code reviews in an agent space.
Retrieves information about one or more security findings in an agent space.
Retrieves information about one or more pentest jobs in an agent space.
Retrieves information about one or more tasks within a pentest job.
Retrieves information about one or more pentests in an agent space.
Batch retrieves security requirements from a pack.
Retrieves information about one or more target domains.
Retrieves information about one or more threat model jobs in an agent space.
Retrieves information about one or more tasks within a threat model job.
Retrieves information about one or more threat models in an agent space.
Retrieves information about one or more threats.
Batch updates security requirements within a customer managed pack.
Creates a new agent space. An agent space is a dedicated workspace for securing a specific application.
Creates a new application. An application is the top-level organizational unit that supports IAM Identity Center integration.
Creates a new code review configuration in an agent space. A code review defines the parameters for automated security-focused code analysis.
Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.
Creates a new membership, granting a user access to an agent space within an application.
Creates a new pentest configuration in an agent space. A pentest defines the security test parameters, including target assets, risk type exclusions, and logging configuration.
Creates a private connection for reaching a self-hosted provider instance over private networking using Amazon VPC Lattice.
Creates a customer managed security requirement pack.
Creates a new target domain for penetration testing. A target domain is a web domain that must be registered and verified before it can be tested.
Creates a new threat under a threat model job.
Creates a new threat model configuration in an agent space. A threat model defines the parameters for automated threat analysis.
Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.
Deletes an application and its associated configuration, including IAM Identity Center settings.
Deletes an artifact from an agent space.
Deletes an integration with a third-party provider.
Deletes a membership, revoking a user's access to an agent space.
Deletes a private connection.
Deletes a customer managed security requirement pack and all its associated security requirements.
Deletes a target domain registration. After deletion, the domain can no longer be used for penetration testing.
Retrieves the details of a private connection.
Retrieves information about an application.
Retrieves an artifact from an agent space.
Retrieves information about an integration.
Retrieves information about a security requirement pack.
Imports security requirements from uploaded documents into a customer managed security requirement pack. The import process asynchronously extracts and generates structured security requirements from the provided source files.
Initiates the OAuth registration flow with a third-party provider. Returns a redirect URL and CSRF state token for completing the authorization.
Returns a paginated list of agent space summaries in your account.
Returns a paginated list of application summaries in your account.
Returns a paginated list of artifact summaries for the specified agent space.
Returns a paginated list of code review job summaries for the specified code review configuration.
Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.
Returns a paginated list of code review summaries for the specified agent space.
Returns a paginated list of endpoints discovered during a pentest job execution.
Lists the security findings for a pentest job.
Lists the integrated resources for an agent space, optionally filtered by integration or resource type.
Lists the integrations in your account, optionally filtered by provider or provider type.
Returns a paginated list of membership summaries for the specified agent space within an application.
Returns a paginated list of pentest job summaries for the specified pentest configuration.
Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.
Returns a paginated list of pentest summaries for the specified agent space.
Lists the private connections in your account.
Lists all security requirement packs in the caller's account.
Lists security requirements within a pack.
Returns the tags associated with the specified resource.
Returns a paginated list of target domain summaries in your account.
Returns a paginated list of threat model job summaries for the specified threat model.
Returns a paginated list of task summaries for the specified threat model job.
Returns a paginated list of threat model summaries for the specified agent space.
Returns a paginated list of threats for a threat model job.
Initiates code remediation for one or more security findings. This creates pull requests in integrated repositories to fix the identified vulnerabilities.
Starts a new code review job for a code review configuration. The job executes the security-focused code analysis defined in the code review.
Starts a new pentest job for a pentest configuration. The job executes the security tests defined in the pentest.
Starts a new threat model job for a threat model configuration.
Stops a running code review job. The job transitions to a stopping state and then to stopped after cleanup completes.
Stops a running pentest job. The job transitions to a stopping state and then to stopped after cleanup completes.
Stops a running threat model job.
Adds tags to a resource.
Removes tags from a resource.
Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.
Updates the configuration of an existing application, including the IAM role and default KMS key.
Updates an existing code review configuration.
Updates the status or risk level of a security finding.
Updates the integrated resources for an agent space, including their capabilities.
Updates an existing pentest configuration.
Updates the certificate associated with a private connection. Certificates can be added or replaced but not removed.
Updates a security requirement pack. For customer managed packs, both metadata and status can be updated. For AWS managed packs, only status can be updated.
Updates the verification method for a target domain.
Updates a threat.
Updates an existing threat model configuration.
Initiates verification of a target domain. This checks whether the domain ownership verification token has been properly configured.
Inherited functions
Uploads an artifact to an agent space. Artifacts provide additional context for security testing, such as architecture diagrams, API specifications, or configuration files.
Batch creates security requirements in a customer managed pack.
Deletes one or more code reviews from an agent space.
Deletes one or more pentests from an agent space.
Batch deletes security requirements from a customer managed pack.
Deletes one or more threat models from an agent space.
Retrieves information about one or more agent spaces.
Retrieves metadata for one or more artifacts in an agent space.
Retrieves information about one or more code review jobs in an agent space.
Retrieves information about one or more tasks within a code review job.
Retrieves information about one or more code reviews in an agent space.
Retrieves information about one or more security findings in an agent space.
Retrieves information about one or more pentest jobs in an agent space.
Retrieves information about one or more tasks within a pentest job.
Retrieves information about one or more pentests in an agent space.
Batch retrieves security requirements from a pack.
Retrieves information about one or more target domains.
Retrieves information about one or more threat model jobs in an agent space.
Retrieves information about one or more tasks within a threat model job.
Retrieves information about one or more threat models in an agent space.
Retrieves information about one or more threats.
Batch updates security requirements within a customer managed pack.
Creates a new agent space. An agent space is a dedicated workspace for securing a specific application.
Creates a new application. An application is the top-level organizational unit that supports IAM Identity Center integration.
Creates a new code review configuration in an agent space. A code review defines the parameters for automated security-focused code analysis.
Creates a new integration with a third-party provider, such as GitHub, for code review and remediation.
Creates a new membership, granting a user access to an agent space within an application.
Creates a new pentest configuration in an agent space. A pentest defines the security test parameters, including target assets, risk type exclusions, and logging configuration.
Creates a private connection for reaching a self-hosted provider instance over private networking using Amazon VPC Lattice.
Creates a customer managed security requirement pack.
Creates a new target domain for penetration testing. A target domain is a web domain that must be registered and verified before it can be tested.
Creates a new threat under a threat model job.
Creates a new threat model configuration in an agent space. A threat model defines the parameters for automated threat analysis.
Deletes an agent space and all of its associated resources, including pentests, findings, and artifacts.
Deletes an application and its associated configuration, including IAM Identity Center settings.
Deletes an artifact from an agent space.
Deletes an integration with a third-party provider.
Deletes a membership, revoking a user's access to an agent space.
Deletes a private connection.
Deletes a customer managed security requirement pack and all its associated security requirements.
Deletes a target domain registration. After deletion, the domain can no longer be used for penetration testing.
Retrieves the details of a private connection.
Retrieves information about an application.
Retrieves an artifact from an agent space.
Retrieves information about an integration.
Retrieves information about a security requirement pack.
Imports security requirements from uploaded documents into a customer managed security requirement pack. The import process asynchronously extracts and generates structured security requirements from the provided source files.
Initiates the OAuth registration flow with a third-party provider. Returns a redirect URL and CSRF state token for completing the authorization.
Returns a paginated list of agent space summaries in your account.
Paginate over ListAgentSpacesResponse results.
Returns a paginated list of application summaries in your account.
Paginate over ListApplicationsResponse results.
Returns a paginated list of artifact summaries for the specified agent space.
Paginate over ListArtifactsResponse results.
Returns a paginated list of code review job summaries for the specified code review configuration.
Paginate over ListCodeReviewJobsForCodeReviewResponse results.
Returns a paginated list of task summaries for the specified code review job, optionally filtered by step name or category.
Paginate over ListCodeReviewJobTasksResponse results.
Returns a paginated list of code review summaries for the specified agent space.
Paginate over ListCodeReviewsResponse results.
Returns a paginated list of endpoints discovered during a pentest job execution.
Paginate over ListDiscoveredEndpointsResponse results.
Lists the security findings for a pentest job.
Paginate over ListFindingsResponse results.
Lists the integrated resources for an agent space, optionally filtered by integration or resource type.
Paginate over ListIntegratedResourcesResponse results.
Lists the integrations in your account, optionally filtered by provider or provider type.
Paginate over ListIntegrationsResponse results.
Returns a paginated list of membership summaries for the specified agent space within an application.
Paginate over ListMembershipsResponse results.
Returns a paginated list of pentest job summaries for the specified pentest configuration.
Paginate over ListPentestJobsForPentestResponse results.
Returns a paginated list of task summaries for the specified pentest job, optionally filtered by step name or category.
Paginate over ListPentestJobTasksResponse results.
Returns a paginated list of pentest summaries for the specified agent space.
Paginate over ListPentestsResponse results.
Lists the private connections in your account.
Paginate over ListPrivateConnectionsResponse results.
Lists all security requirement packs in the caller's account.
Paginate over ListSecurityRequirementPacksResponse results.
Lists security requirements within a pack.
Paginate over ListSecurityRequirementsResponse results.
Returns the tags associated with the specified resource.
Returns a paginated list of target domain summaries in your account.
Paginate over ListTargetDomainsResponse results.
Returns a paginated list of threat model job summaries for the specified threat model.
Paginate over ListThreatModelJobsResponse results.
Returns a paginated list of task summaries for the specified threat model job.
Paginate over ListThreatModelJobTasksResponse results.
Returns a paginated list of threat model summaries for the specified agent space.
Paginate over ListThreatModelsResponse results.
Returns a paginated list of threats for a threat model job.
Paginate over ListThreatsResponse results.
Initiates code remediation for one or more security findings. This creates pull requests in integrated repositories to fix the identified vulnerabilities.
Starts a new code review job for a code review configuration. The job executes the security-focused code analysis defined in the code review.
Starts a new pentest job for a pentest configuration. The job executes the security tests defined in the pentest.
Starts a new threat model job for a threat model configuration.
Stops a running code review job. The job transitions to a stopping state and then to stopped after cleanup completes.
Stops a running pentest job. The job transitions to a stopping state and then to stopped after cleanup completes.
Stops a running threat model job.
Adds tags to a resource.
Removes tags from a resource.
Updates the configuration of an existing agent space, including its name, description, AWS resources, target domains, and code review settings.
Updates the configuration of an existing application, including the IAM role and default KMS key.
Updates an existing code review configuration.
Updates the status or risk level of a security finding.
Updates the integrated resources for an agent space, including their capabilities.
Updates an existing pentest configuration.
Updates the certificate associated with a private connection. Certificates can be added or replaced but not removed.
Updates a security requirement pack. For customer managed packs, both metadata and status can be updated. For AWS managed packs, only status can be updated.
Updates the verification method for a target domain.
Updates a threat.
Updates an existing threat model configuration.
Initiates verification of a target domain. This checks whether the domain ownership verification token has been properly configured.
Create a copy of the client with one or more configuration values overridden. This method allows the caller to perform scoped config overrides for one or more client operations.