Enable users to start remediation of penetration test findings
In the AWS Management Console, you can enable the code remediation feature that allows users to remediate findings in the penetration test web app.
When you enable this functionality in the AWS Management Console, users of the AWS Security Agent web app can start code remediation for a specific finding. The remediation will be available as GitHub pull requests.
Prerequisites
Before you begin, ensure you have:
- Enabled penetration test (see Enable penetration test)
- Installed and authorized the AWS Security Agent GitHub App for your GitHub organization (see Connect AWS Security Agent to GitHub repositories)
Select repositories and enable code remediation capability
- Navigate to the Agent Space overview page.
- Choose the Penetration test tab.
- Select a GitHub registration that owns your GitHub repositories.
  - If you haven't associated any GitHub registration with the Agent Space, you see a Connect GitHub for penetration testing information box. Click the Add button on its right side to select the GitHub registration.
  - If you have already associated a GitHub registration with the Agent Space, you can add more by clicking the Add button in the Connected integrations section.
- Click Next to choose GitHub repositories.
- Click Next to configure repository capabilities. In the Pentest remediation enabled column, mark the repositories as Enabled to allow the Agent Space to remediate the code according to the penetration test findings.
- Click Connect to finish the configuration.