aws-sdk-securityagent 1.5.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityagent/client.rb +2144 -22
  5. data/lib/aws-sdk-securityagent/client_api.rb +1373 -0
  6. data/lib/aws-sdk-securityagent/errors.rb +16 -0
  7. data/lib/aws-sdk-securityagent/types.rb +4230 -510
  8. data/lib/aws-sdk-securityagent.rb +1 -1
  9. data/sig/client.rbs +683 -15
  10. data/sig/errors.rbs +3 -0
  11. data/sig/params.rbs +10 -4
  12. data/sig/types.rbs +1001 -11
  13. metadata +1 -1
data/lib/aws-sdk-securityagent/client.rb CHANGED
@@ -517,6 +517,60 @@ module Aws::SecurityAgent
517
517
  req.send_request(options)
518
518
  end
519
519
 
520
+ # Batch creates security requirements in a customer managed pack.
521
+ #
522
+ # @option params [required, String] :pack_id
523
+ # The unique identifier of the security requirement pack to add
524
+ # requirements to.
525
+ #
526
+ # @option params [required, Array<Types::CreateSecurityRequirementEntry>] :security_requirements
527
+ # The list of security requirements to create.
528
+ #
529
+ # @return [Types::BatchCreateSecurityRequirementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
530
+ #
531
+ # * {Types::BatchCreateSecurityRequirementsOutput#security_requirements #security_requirements} => Array&lt;Types::BatchCreateSecurityRequirementResult&gt;
532
+ # * {Types::BatchCreateSecurityRequirementsOutput#errors #errors} => Array&lt;Types::BatchSecurityRequirementError&gt;
533
+ #
534
+ # @example Request syntax with placeholder values
535
+ #
536
+ # resp = client.batch_create_security_requirements({
537
+ # pack_id: "SecurityRequirementPackId", # required
538
+ # security_requirements: [ # required
539
+ # {
540
+ # name: "SecurityRequirementName", # required
541
+ # description: "String", # required
542
+ # domain: "String", # required
543
+ # evaluation: "String", # required
544
+ # remediation: "String",
545
+ # },
546
+ # ],
547
+ # })
548
+ #
549
+ # @example Response structure
550
+ #
551
+ # resp.security_requirements #=> Array
552
+ # resp.security_requirements[0].pack_id #=> String
553
+ # resp.security_requirements[0].name #=> String
554
+ # resp.security_requirements[0].description #=> String
555
+ # resp.security_requirements[0].domain #=> String
556
+ # resp.security_requirements[0].evaluation #=> String
557
+ # resp.security_requirements[0].remediation #=> String
558
+ # resp.security_requirements[0].created_at #=> Time
559
+ # resp.security_requirements[0].updated_at #=> Time
560
+ # resp.errors #=> Array
561
+ # resp.errors[0].security_requirement_name #=> String
562
+ # resp.errors[0].code #=> String
563
+ # resp.errors[0].message #=> String
564
+ #
565
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchCreateSecurityRequirements AWS API Documentation
566
+ #
567
+ # @overload batch_create_security_requirements(params = {})
568
+ # @param [Hash] params ({})
569
+ def batch_create_security_requirements(params = {}, options = {})
570
+ req = build_request(:batch_create_security_requirements, params)
571
+ req.send_request(options)
572
+ end
573
+
520
574
  # Deletes one or more code reviews from an agent space.
521
575
  #
522
576
  # @option params [required, Array<String>] :code_review_ids
@@ -594,6 +648,8 @@ module Aws::SecurityAgent
594
648
  # resp.deleted[0].assets.documents #=> Array
595
649
  # resp.deleted[0].assets.documents[0].s3_location #=> String
596
650
  # resp.deleted[0].assets.documents[0].artifact_id #=> String
651
+ # resp.deleted[0].assets.documents[0].integrated_document.integration_id #=> String
652
+ # resp.deleted[0].assets.documents[0].integrated_document.resource_id #=> String
597
653
  # resp.deleted[0].assets.source_code #=> Array
598
654
  # resp.deleted[0].assets.source_code[0].s3_location #=> String
599
655
  # resp.deleted[0].assets.integrated_repositories #=> Array
@@ -617,6 +673,9 @@ module Aws::SecurityAgent
617
673
  # resp.deleted[0].network_traffic_config.custom_headers[0].name #=> String
618
674
  # resp.deleted[0].network_traffic_config.custom_headers[0].value #=> String
619
675
  # resp.deleted[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
676
+ # resp.deleted[0].clean_up_strategy #=> String, one of "BEST_EFFORT_DELETE", "RETAIN_ALL"
677
+ # resp.deleted[0].disable_managed_skills #=> Array
678
+ # resp.deleted[0].disable_managed_skills[0] #=> String, one of "FINDING_PERSONALIZATION", "LOGIN_OPTIMIZATION"
620
679
  # resp.deleted[0].created_at #=> Time
621
680
  # resp.deleted[0].updated_at #=> Time
622
681
  # resp.failed #=> Array
@@ -632,6 +691,83 @@ module Aws::SecurityAgent
632
691
  req.send_request(options)
633
692
  end
634
693
 
694
+ # Batch deletes security requirements from a customer managed pack.
695
+ #
696
+ # @option params [required, String] :pack_id
697
+ # The unique identifier of the security requirement pack to remove
698
+ # requirements from.
699
+ #
700
+ # @option params [required, Array<String>] :security_requirement_names
701
+ # The list of security requirement names to delete.
702
+ #
703
+ # @return [Types::BatchDeleteSecurityRequirementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
704
+ #
705
+ # * {Types::BatchDeleteSecurityRequirementsOutput#deleted_security_requirement_names #deleted_security_requirement_names} => Array&lt;String&gt;
706
+ # * {Types::BatchDeleteSecurityRequirementsOutput#errors #errors} => Array&lt;Types::BatchSecurityRequirementError&gt;
707
+ #
708
+ # @example Request syntax with placeholder values
709
+ #
710
+ # resp = client.batch_delete_security_requirements({
711
+ # pack_id: "SecurityRequirementPackId", # required
712
+ # security_requirement_names: ["SecurityRequirementName"], # required
713
+ # })
714
+ #
715
+ # @example Response structure
716
+ #
717
+ # resp.deleted_security_requirement_names #=> Array
718
+ # resp.deleted_security_requirement_names[0] #=> String
719
+ # resp.errors #=> Array
720
+ # resp.errors[0].security_requirement_name #=> String
721
+ # resp.errors[0].code #=> String
722
+ # resp.errors[0].message #=> String
723
+ #
724
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchDeleteSecurityRequirements AWS API Documentation
725
+ #
726
+ # @overload batch_delete_security_requirements(params = {})
727
+ # @param [Hash] params ({})
728
+ def batch_delete_security_requirements(params = {}, options = {})
729
+ req = build_request(:batch_delete_security_requirements, params)
730
+ req.send_request(options)
731
+ end
732
+
733
+ # Deletes one or more threat models from an agent space.
734
+ #
735
+ # @option params [required, Array<String>] :threat_model_ids
736
+ # The list of threat model identifiers to delete.
737
+ #
738
+ # @option params [required, String] :agent_space_id
739
+ # The unique identifier of the agent space that contains the threat
740
+ # models to delete.
741
+ #
742
+ # @return [Types::BatchDeleteThreatModelsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
743
+ #
744
+ # * {Types::BatchDeleteThreatModelsOutput#deleted #deleted} => Array&lt;String&gt;
745
+ # * {Types::BatchDeleteThreatModelsOutput#failed #failed} => Array&lt;Types::DeleteThreatModelFailure&gt;
746
+ #
747
+ # @example Request syntax with placeholder values
748
+ #
749
+ # resp = client.batch_delete_threat_models({
750
+ # threat_model_ids: ["String"], # required
751
+ # agent_space_id: "String", # required
752
+ # })
753
+ #
754
+ # @example Response structure
755
+ #
756
+ # resp.deleted #=> Array
757
+ # resp.deleted[0] #=> String
758
+ # resp.failed #=> Array
759
+ # resp.failed[0].threat_model_id #=> String
760
+ # resp.failed[0].reason #=> String
761
+ #
762
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchDeleteThreatModels AWS API Documentation
763
+ #
764
+ # @overload batch_delete_threat_models(params = {})
765
+ # @param [Hash] params ({})
766
+ def batch_delete_threat_models(params = {}, options = {})
767
+ req = build_request(:batch_delete_threat_models, params)
768
+ req.send_request(options)
769
+ end
770
+
635
771
  # Retrieves information about one or more agent spaces.
636
772
  #
637
773
  # @option params [required, Array<String>] :agent_space_ids
@@ -810,10 +946,12 @@ module Aws::SecurityAgent
810
946
  # resp.code_review_jobs[0].documents #=> Array
811
947
  # resp.code_review_jobs[0].documents[0].s3_location #=> String
812
948
  # resp.code_review_jobs[0].documents[0].artifact_id #=> String
949
+ # resp.code_review_jobs[0].documents[0].integrated_document.integration_id #=> String
950
+ # resp.code_review_jobs[0].documents[0].integrated_document.resource_id #=> String
813
951
  # resp.code_review_jobs[0].source_code #=> Array
814
952
  # resp.code_review_jobs[0].source_code[0].s3_location #=> String
815
953
  # resp.code_review_jobs[0].steps #=> Array
816
- # resp.code_review_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
954
+ # resp.code_review_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING", "VALIDATION"
817
955
  # resp.code_review_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
818
956
  # resp.code_review_jobs[0].steps[0].created_at #=> Time
819
957
  # resp.code_review_jobs[0].steps[0].updated_at #=> Time
@@ -884,6 +1022,8 @@ module Aws::SecurityAgent
884
1022
  # resp.code_reviews[0].assets.documents #=> Array
885
1023
  # resp.code_reviews[0].assets.documents[0].s3_location #=> String
886
1024
  # resp.code_reviews[0].assets.documents[0].artifact_id #=> String
1025
+ # resp.code_reviews[0].assets.documents[0].integrated_document.integration_id #=> String
1026
+ # resp.code_reviews[0].assets.documents[0].integrated_document.resource_id #=> String
887
1027
  # resp.code_reviews[0].assets.source_code #=> Array
888
1028
  # resp.code_reviews[0].assets.source_code[0].s3_location #=> String
889
1029
  # resp.code_reviews[0].assets.integrated_repositories #=> Array
@@ -893,6 +1033,7 @@ module Aws::SecurityAgent
893
1033
  # resp.code_reviews[0].log_config.log_group #=> String
894
1034
  # resp.code_reviews[0].log_config.log_stream #=> String
895
1035
  # resp.code_reviews[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
1036
+ # resp.code_reviews[0].validation_mode #=> String, one of "DISABLED", "SIMULATED"
896
1037
  # resp.code_reviews[0].created_at #=> Time
897
1038
  # resp.code_reviews[0].updated_at #=> Time
898
1039
  # resp.not_found #=> Array
@@ -946,6 +1087,7 @@ module Aws::SecurityAgent
946
1087
  # resp.findings[0].risk_score #=> String
947
1088
  # resp.findings[0].reasoning #=> String
948
1089
  # resp.findings[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
1090
+ # resp.findings[0].validation_status #=> String, one of "CONFIRMED", "NOT_REPRODUCED", "VALIDATION_FAILED", "VALIDATING", "NOT_VALIDATED"
949
1091
  # resp.findings[0].attack_script #=> String
950
1092
  # resp.findings[0].code_remediation_task.status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED"
951
1093
  # resp.findings[0].code_remediation_task.status_reason #=> String
@@ -954,6 +1096,7 @@ module Aws::SecurityAgent
954
1096
  # resp.findings[0].code_remediation_task.task_details[0].code_diff_link #=> String
955
1097
  # resp.findings[0].code_remediation_task.task_details[0].pull_request_link #=> String
956
1098
  # resp.findings[0].last_updated_by #=> String
1099
+ # resp.findings[0].customer_note #=> String
957
1100
  # resp.findings[0].code_locations #=> Array
958
1101
  # resp.findings[0].code_locations[0].file_path #=> String
959
1102
  # resp.findings[0].code_locations[0].line_start #=> Integer
@@ -965,6 +1108,7 @@ module Aws::SecurityAgent
965
1108
  # resp.findings[0].verification_script.env_vars #=> Array
966
1109
  # resp.findings[0].verification_script.env_vars[0].name #=> String
967
1110
  # resp.findings[0].verification_script.env_vars[0].value #=> String
1111
+ # resp.findings[0].alignment_rationale #=> String
968
1112
  # resp.findings[0].created_at #=> Time
969
1113
  # resp.findings[0].updated_at #=> Time
970
1114
  # resp.not_found #=> Array
@@ -1073,6 +1217,8 @@ module Aws::SecurityAgent
1073
1217
  # resp.pentest_jobs[0].documents #=> Array
1074
1218
  # resp.pentest_jobs[0].documents[0].s3_location #=> String
1075
1219
  # resp.pentest_jobs[0].documents[0].artifact_id #=> String
1220
+ # resp.pentest_jobs[0].documents[0].integrated_document.integration_id #=> String
1221
+ # resp.pentest_jobs[0].documents[0].integrated_document.resource_id #=> String
1076
1222
  # resp.pentest_jobs[0].source_code #=> Array
1077
1223
  # resp.pentest_jobs[0].source_code[0].s3_location #=> String
1078
1224
  # resp.pentest_jobs[0].exclude_paths #=> Array
@@ -1082,7 +1228,7 @@ module Aws::SecurityAgent
1082
1228
  # resp.pentest_jobs[0].exclude_risk_types #=> Array
1083
1229
  # resp.pentest_jobs[0].exclude_risk_types[0] #=> String, one of "CROSS_SITE_SCRIPTING", "DEFAULT_CREDENTIALS", "INSECURE_DIRECT_OBJECT_REFERENCE", "PRIVILEGE_ESCALATION", "SERVER_SIDE_TEMPLATE_INJECTION", "COMMAND_INJECTION", "CODE_INJECTION", "SQL_INJECTION", "ARBITRARY_FILE_UPLOAD", "INSECURE_DESERIALIZATION", "LOCAL_FILE_INCLUSION", "INFORMATION_DISCLOSURE", "PATH_TRAVERSAL", "SERVER_SIDE_REQUEST_FORGERY", "JSON_WEB_TOKEN_VULNERABILITIES", "XML_EXTERNAL_ENTITY", "FILE_DELETION", "OTHER", "GRAPHQL_VULNERABILITIES", "BUSINESS_LOGIC_VULNERABILITIES", "CRYPTOGRAPHIC_VULNERABILITIES", "DENIAL_OF_SERVICE", "FILE_ACCESS", "FILE_CREATION", "DATABASE_MODIFICATION", "DATABASE_ACCESS", "OUTBOUND_SERVICE_REQUEST", "UNKNOWN"
1084
1230
  # resp.pentest_jobs[0].steps #=> Array
1085
- # resp.pentest_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING"
1231
+ # resp.pentest_jobs[0].steps[0].name #=> String, one of "PREFLIGHT", "STATIC_ANALYSIS", "PENTEST", "FINALIZING", "VALIDATION"
1086
1232
  # resp.pentest_jobs[0].steps[0].status #=> String, one of "NOT_STARTED", "IN_PROGRESS", "COMPLETED", "FAILED", "STOPPED"
1087
1233
  # resp.pentest_jobs[0].steps[0].created_at #=> Time
1088
1234
  # resp.pentest_jobs[0].steps[0].updated_at #=> Time
@@ -1111,6 +1257,9 @@ module Aws::SecurityAgent
1111
1257
  # resp.pentest_jobs[0].integrated_repositories[0].integration_id #=> String
1112
1258
  # resp.pentest_jobs[0].integrated_repositories[0].provider_resource_id #=> String
1113
1259
  # resp.pentest_jobs[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
1260
+ # resp.pentest_jobs[0].clean_up_strategy #=> String, one of "BEST_EFFORT_DELETE", "RETAIN_ALL"
1261
+ # resp.pentest_jobs[0].disable_managed_skills #=> Array
1262
+ # resp.pentest_jobs[0].disable_managed_skills[0] #=> String, one of "FINDING_PERSONALIZATION", "LOGIN_OPTIMIZATION"
1114
1263
  # resp.pentest_jobs[0].created_at #=> Time
1115
1264
  # resp.pentest_jobs[0].updated_at #=> Time
1116
1265
  # resp.not_found #=> Array
@@ -1163,6 +1312,8 @@ module Aws::SecurityAgent
1163
1312
  # resp.pentests[0].assets.documents #=> Array
1164
1313
  # resp.pentests[0].assets.documents[0].s3_location #=> String
1165
1314
  # resp.pentests[0].assets.documents[0].artifact_id #=> String
1315
+ # resp.pentests[0].assets.documents[0].integrated_document.integration_id #=> String
1316
+ # resp.pentests[0].assets.documents[0].integrated_document.resource_id #=> String
1166
1317
  # resp.pentests[0].assets.source_code #=> Array
1167
1318
  # resp.pentests[0].assets.source_code[0].s3_location #=> String
1168
1319
  # resp.pentests[0].assets.integrated_repositories #=> Array
@@ -1186,6 +1337,9 @@ module Aws::SecurityAgent
1186
1337
  # resp.pentests[0].network_traffic_config.custom_headers[0].name #=> String
1187
1338
  # resp.pentests[0].network_traffic_config.custom_headers[0].value #=> String
1188
1339
  # resp.pentests[0].code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
1340
+ # resp.pentests[0].clean_up_strategy #=> String, one of "BEST_EFFORT_DELETE", "RETAIN_ALL"
1341
+ # resp.pentests[0].disable_managed_skills #=> Array
1342
+ # resp.pentests[0].disable_managed_skills[0] #=> String, one of "FINDING_PERSONALIZATION", "LOGIN_OPTIMIZATION"
1189
1343
  # resp.pentests[0].created_at #=> Time
1190
1344
  # resp.pentests[0].updated_at #=> Time
1191
1345
  # resp.not_found #=> Array
@@ -1200,6 +1354,52 @@ module Aws::SecurityAgent
1200
1354
  req.send_request(options)
1201
1355
  end
1202
1356
 
1357
+ # Batch retrieves security requirements from a pack.
1358
+ #
1359
+ # @option params [required, String] :pack_id
1360
+ # The unique identifier of the security requirement pack to retrieve
1361
+ # requirements from.
1362
+ #
1363
+ # @option params [required, Array<String>] :security_requirement_names
1364
+ # The list of security requirement names to retrieve.
1365
+ #
1366
+ # @return [Types::BatchGetSecurityRequirementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1367
+ #
1368
+ # * {Types::BatchGetSecurityRequirementsOutput#security_requirements #security_requirements} => Array&lt;Types::BatchGetSecurityRequirementResult&gt;
1369
+ # * {Types::BatchGetSecurityRequirementsOutput#errors #errors} => Array&lt;Types::BatchSecurityRequirementError&gt;
1370
+ #
1371
+ # @example Request syntax with placeholder values
1372
+ #
1373
+ # resp = client.batch_get_security_requirements({
1374
+ # pack_id: "SecurityRequirementPackId", # required
1375
+ # security_requirement_names: ["SecurityRequirementName"], # required
1376
+ # })
1377
+ #
1378
+ # @example Response structure
1379
+ #
1380
+ # resp.security_requirements #=> Array
1381
+ # resp.security_requirements[0].pack_id #=> String
1382
+ # resp.security_requirements[0].name #=> String
1383
+ # resp.security_requirements[0].description #=> String
1384
+ # resp.security_requirements[0].domain #=> String
1385
+ # resp.security_requirements[0].evaluation #=> String
1386
+ # resp.security_requirements[0].remediation #=> String
1387
+ # resp.security_requirements[0].created_at #=> Time
1388
+ # resp.security_requirements[0].updated_at #=> Time
1389
+ # resp.errors #=> Array
1390
+ # resp.errors[0].security_requirement_name #=> String
1391
+ # resp.errors[0].code #=> String
1392
+ # resp.errors[0].message #=> String
1393
+ #
1394
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchGetSecurityRequirements AWS API Documentation
1395
+ #
1396
+ # @overload batch_get_security_requirements(params = {})
1397
+ # @param [Hash] params ({})
1398
+ def batch_get_security_requirements(params = {}, options = {})
1399
+ req = build_request(:batch_get_security_requirements, params)
1400
+ req.send_request(options)
1401
+ end
1402
+
1203
1403
  # Retrieves information about one or more target domains.
1204
1404
  #
1205
1405
  # @option params [required, Array<String>] :target_domain_ids
@@ -1243,6 +1443,298 @@ module Aws::SecurityAgent
1243
1443
  req.send_request(options)
1244
1444
  end
1245
1445
 
1446
+ # Retrieves information about one or more tasks within a threat model
1447
+ # job.
1448
+ #
1449
+ # @option params [required, String] :agent_space_id
1450
+ # The unique identifier of the agent space that contains the tasks.
1451
+ #
1452
+ # @option params [required, Array<String>] :threat_model_job_task_ids
1453
+ # The list of task identifiers to retrieve.
1454
+ #
1455
+ # @return [Types::BatchGetThreatModelJobTasksOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1456
+ #
1457
+ # * {Types::BatchGetThreatModelJobTasksOutput#threat_model_job_tasks #threat_model_job_tasks} => Array&lt;Types::ThreatModelJobTask&gt;
1458
+ # * {Types::BatchGetThreatModelJobTasksOutput#not_found #not_found} => Array&lt;String&gt;
1459
+ #
1460
+ # @example Request syntax with placeholder values
1461
+ #
1462
+ # resp = client.batch_get_threat_model_job_tasks({
1463
+ # agent_space_id: "String", # required
1464
+ # threat_model_job_task_ids: ["String"], # required
1465
+ # })
1466
+ #
1467
+ # @example Response structure
1468
+ #
1469
+ # resp.threat_model_job_tasks #=> Array
1470
+ # resp.threat_model_job_tasks[0].task_id #=> String
1471
+ # resp.threat_model_job_tasks[0].threat_model_id #=> String
1472
+ # resp.threat_model_job_tasks[0].threat_model_job_id #=> String
1473
+ # resp.threat_model_job_tasks[0].agent_space_id #=> String
1474
+ # resp.threat_model_job_tasks[0].title #=> String
1475
+ # resp.threat_model_job_tasks[0].description #=> String
1476
+ # resp.threat_model_job_tasks[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
1477
+ # resp.threat_model_job_tasks[0].logs_location.log_type #=> String, one of "CLOUDWATCH"
1478
+ # resp.threat_model_job_tasks[0].logs_location.cloud_watch_log.log_group #=> String
1479
+ # resp.threat_model_job_tasks[0].logs_location.cloud_watch_log.log_stream #=> String
1480
+ # resp.threat_model_job_tasks[0].created_at #=> Time
1481
+ # resp.threat_model_job_tasks[0].updated_at #=> Time
1482
+ # resp.not_found #=> Array
1483
+ # resp.not_found[0] #=> String
1484
+ #
1485
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchGetThreatModelJobTasks AWS API Documentation
1486
+ #
1487
+ # @overload batch_get_threat_model_job_tasks(params = {})
1488
+ # @param [Hash] params ({})
1489
+ def batch_get_threat_model_job_tasks(params = {}, options = {})
1490
+ req = build_request(:batch_get_threat_model_job_tasks, params)
1491
+ req.send_request(options)
1492
+ end
1493
+
1494
+ # Retrieves information about one or more threat model jobs in an agent
1495
+ # space.
1496
+ #
1497
+ # @option params [required, Array<String>] :threat_model_job_ids
1498
+ # The list of threat model job identifiers to retrieve.
1499
+ #
1500
+ # @option params [required, String] :agent_space_id
1501
+ # The unique identifier of the agent space that contains the threat
1502
+ # model jobs.
1503
+ #
1504
+ # @return [Types::BatchGetThreatModelJobsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1505
+ #
1506
+ # * {Types::BatchGetThreatModelJobsOutput#threat_model_jobs #threat_model_jobs} => Array&lt;Types::ThreatModelJob&gt;
1507
+ # * {Types::BatchGetThreatModelJobsOutput#not_found #not_found} => Array&lt;String&gt;
1508
+ #
1509
+ # @example Request syntax with placeholder values
1510
+ #
1511
+ # resp = client.batch_get_threat_model_jobs({
1512
+ # threat_model_job_ids: ["String"], # required
1513
+ # agent_space_id: "String", # required
1514
+ # })
1515
+ #
1516
+ # @example Response structure
1517
+ #
1518
+ # resp.threat_model_jobs #=> Array
1519
+ # resp.threat_model_jobs[0].threat_model_job_id #=> String
1520
+ # resp.threat_model_jobs[0].threat_model_id #=> String
1521
+ # resp.threat_model_jobs[0].agent_space_id #=> String
1522
+ # resp.threat_model_jobs[0].title #=> String
1523
+ # resp.threat_model_jobs[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
1524
+ # resp.threat_model_jobs[0].created_at #=> Time
1525
+ # resp.threat_model_jobs[0].updated_at #=> Time
1526
+ # resp.threat_model_jobs[0].execution_start_time #=> Time
1527
+ # resp.threat_model_jobs[0].execution_end_time #=> Time
1528
+ # resp.threat_model_jobs[0].source_code #=> Array
1529
+ # resp.threat_model_jobs[0].source_code[0].s3_location #=> String
1530
+ # resp.threat_model_jobs[0].integrated_repositories #=> Array
1531
+ # resp.threat_model_jobs[0].integrated_repositories[0].integration_id #=> String
1532
+ # resp.threat_model_jobs[0].integrated_repositories[0].provider_resource_id #=> String
1533
+ # resp.threat_model_jobs[0].documents #=> Array
1534
+ # resp.threat_model_jobs[0].documents[0].s3_location #=> String
1535
+ # resp.threat_model_jobs[0].documents[0].artifact_id #=> String
1536
+ # resp.threat_model_jobs[0].documents[0].integrated_document.integration_id #=> String
1537
+ # resp.threat_model_jobs[0].documents[0].integrated_document.resource_id #=> String
1538
+ # resp.threat_model_jobs[0].scope_docs #=> Array
1539
+ # resp.threat_model_jobs[0].scope_docs[0].s3_location #=> String
1540
+ # resp.threat_model_jobs[0].scope_docs[0].artifact_id #=> String
1541
+ # resp.threat_model_jobs[0].scope_docs[0].integrated_document.integration_id #=> String
1542
+ # resp.threat_model_jobs[0].scope_docs[0].integrated_document.resource_id #=> String
1543
+ # resp.threat_model_jobs[0].error_information.code #=> String, one of "CLIENT_ERROR", "INTERNAL_ERROR", "STOPPED_BY_USER"
1544
+ # resp.threat_model_jobs[0].error_information.message #=> String
1545
+ # resp.threat_model_jobs[0].system_overview #=> String
1546
+ # resp.not_found #=> Array
1547
+ # resp.not_found[0] #=> String
1548
+ #
1549
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchGetThreatModelJobs AWS API Documentation
1550
+ #
1551
+ # @overload batch_get_threat_model_jobs(params = {})
1552
+ # @param [Hash] params ({})
1553
+ def batch_get_threat_model_jobs(params = {}, options = {})
1554
+ req = build_request(:batch_get_threat_model_jobs, params)
1555
+ req.send_request(options)
1556
+ end
1557
+
1558
+ # Retrieves information about one or more threat models in an agent
1559
+ # space.
1560
+ #
1561
+ # @option params [required, Array<String>] :threat_model_ids
1562
+ # The list of threat model identifiers to retrieve.
1563
+ #
1564
+ # @option params [required, String] :agent_space_id
1565
+ # The unique identifier of the agent space that contains the threat
1566
+ # models.
1567
+ #
1568
+ # @return [Types::BatchGetThreatModelsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1569
+ #
1570
+ # * {Types::BatchGetThreatModelsOutput#threat_models #threat_models} => Array&lt;Types::ThreatModel&gt;
1571
+ # * {Types::BatchGetThreatModelsOutput#not_found #not_found} => Array&lt;String&gt;
1572
+ #
1573
+ # @example Request syntax with placeholder values
1574
+ #
1575
+ # resp = client.batch_get_threat_models({
1576
+ # threat_model_ids: ["String"], # required
1577
+ # agent_space_id: "String", # required
1578
+ # })
1579
+ #
1580
+ # @example Response structure
1581
+ #
1582
+ # resp.threat_models #=> Array
1583
+ # resp.threat_models[0].threat_model_id #=> String
1584
+ # resp.threat_models[0].agent_space_id #=> String
1585
+ # resp.threat_models[0].title #=> String
1586
+ # resp.threat_models[0].description #=> String
1587
+ # resp.threat_models[0].assets.endpoints #=> Array
1588
+ # resp.threat_models[0].assets.endpoints[0].uri #=> String
1589
+ # resp.threat_models[0].assets.actors #=> Array
1590
+ # resp.threat_models[0].assets.actors[0].identifier #=> String
1591
+ # resp.threat_models[0].assets.actors[0].uris #=> Array
1592
+ # resp.threat_models[0].assets.actors[0].uris[0] #=> String
1593
+ # resp.threat_models[0].assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
1594
+ # resp.threat_models[0].assets.actors[0].authentication.value #=> String
1595
+ # resp.threat_models[0].assets.actors[0].description #=> String
1596
+ # resp.threat_models[0].assets.documents #=> Array
1597
+ # resp.threat_models[0].assets.documents[0].s3_location #=> String
1598
+ # resp.threat_models[0].assets.documents[0].artifact_id #=> String
1599
+ # resp.threat_models[0].assets.documents[0].integrated_document.integration_id #=> String
1600
+ # resp.threat_models[0].assets.documents[0].integrated_document.resource_id #=> String
1601
+ # resp.threat_models[0].assets.source_code #=> Array
1602
+ # resp.threat_models[0].assets.source_code[0].s3_location #=> String
1603
+ # resp.threat_models[0].assets.integrated_repositories #=> Array
1604
+ # resp.threat_models[0].assets.integrated_repositories[0].integration_id #=> String
1605
+ # resp.threat_models[0].assets.integrated_repositories[0].provider_resource_id #=> String
1606
+ # resp.threat_models[0].scope_docs #=> Array
1607
+ # resp.threat_models[0].scope_docs[0].s3_location #=> String
1608
+ # resp.threat_models[0].scope_docs[0].artifact_id #=> String
1609
+ # resp.threat_models[0].scope_docs[0].integrated_document.integration_id #=> String
1610
+ # resp.threat_models[0].scope_docs[0].integrated_document.resource_id #=> String
1611
+ # resp.threat_models[0].service_role #=> String
1612
+ # resp.threat_models[0].log_config.log_group #=> String
1613
+ # resp.threat_models[0].log_config.log_stream #=> String
1614
+ # resp.threat_models[0].created_at #=> Time
1615
+ # resp.threat_models[0].updated_at #=> Time
1616
+ # resp.not_found #=> Array
1617
+ # resp.not_found[0] #=> String
1618
+ #
1619
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchGetThreatModels AWS API Documentation
1620
+ #
1621
+ # @overload batch_get_threat_models(params = {})
1622
+ # @param [Hash] params ({})
1623
+ def batch_get_threat_models(params = {}, options = {})
1624
+ req = build_request(:batch_get_threat_models, params)
1625
+ req.send_request(options)
1626
+ end
1627
+
1628
+ # Retrieves information about one or more threats.
1629
+ #
1630
+ # @option params [required, Array<String>] :threat_ids
1631
+ # The list of threat identifiers to retrieve.
1632
+ #
1633
+ # @option params [required, String] :agent_space_id
1634
+ # The unique identifier of the agent space.
1635
+ #
1636
+ # @return [Types::BatchGetThreatsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1637
+ #
1638
+ # * {Types::BatchGetThreatsOutput#threats #threats} => Array&lt;Types::Threat&gt;
1639
+ # * {Types::BatchGetThreatsOutput#not_found #not_found} => Array&lt;String&gt;
1640
+ #
1641
+ # @example Request syntax with placeholder values
1642
+ #
1643
+ # resp = client.batch_get_threats({
1644
+ # threat_ids: ["String"], # required
1645
+ # agent_space_id: "String", # required
1646
+ # })
1647
+ #
1648
+ # @example Response structure
1649
+ #
1650
+ # resp.threats #=> Array
1651
+ # resp.threats[0].threat_id #=> String
1652
+ # resp.threats[0].threat_job_id #=> String
1653
+ # resp.threats[0].title #=> String
1654
+ # resp.threats[0].statement #=> String
1655
+ # resp.threats[0].severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
1656
+ # resp.threats[0].status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
1657
+ # resp.threats[0].comments #=> String
1658
+ # resp.threats[0].threat_source #=> String
1659
+ # resp.threats[0].prerequisites #=> String
1660
+ # resp.threats[0].threat_action #=> String
1661
+ # resp.threats[0].threat_impact #=> String
1662
+ # resp.threats[0].impacted_goal #=> Array
1663
+ # resp.threats[0].impacted_goal[0] #=> String
1664
+ # resp.threats[0].impacted_assets #=> Array
1665
+ # resp.threats[0].impacted_assets[0] #=> String
1666
+ # resp.threats[0].anchor.kind #=> String
1667
+ # resp.threats[0].anchor.id #=> String
1668
+ # resp.threats[0].anchor.package_id #=> String
1669
+ # resp.threats[0].evidence #=> Array
1670
+ # resp.threats[0].evidence[0].package_id #=> String
1671
+ # resp.threats[0].evidence[0].path #=> String
1672
+ # resp.threats[0].stride #=> Array
1673
+ # resp.threats[0].stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
1674
+ # resp.threats[0].recommendation #=> String
1675
+ # resp.threats[0].created_by #=> String, one of "CUSTOMER", "AGENT"
1676
+ # resp.threats[0].updated_by #=> String, one of "CUSTOMER", "AGENT"
1677
+ # resp.threats[0].created_at #=> Time
1678
+ # resp.threats[0].updated_at #=> Time
1679
+ # resp.not_found #=> Array
1680
+ # resp.not_found[0] #=> String
1681
+ #
1682
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchGetThreats AWS API Documentation
1683
+ #
1684
+ # @overload batch_get_threats(params = {})
1685
+ # @param [Hash] params ({})
1686
+ def batch_get_threats(params = {}, options = {})
1687
+ req = build_request(:batch_get_threats, params)
1688
+ req.send_request(options)
1689
+ end
1690
+
1691
+ # Batch updates security requirements within a customer managed pack.
1692
+ #
1693
+ # @option params [required, String] :pack_id
1694
+ # The unique identifier of the security requirement pack containing the
1695
+ # requirements to update.
1696
+ #
1697
+ # @option params [required, Array<Types::UpdateSecurityRequirementEntry>] :security_requirements
1698
+ # The list of security requirement updates to apply.
1699
+ #
1700
+ # @return [Types::BatchUpdateSecurityRequirementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1701
+ #
1702
+ # * {Types::BatchUpdateSecurityRequirementsOutput#updated_security_requirement_names #updated_security_requirement_names} => Array&lt;String&gt;
1703
+ # * {Types::BatchUpdateSecurityRequirementsOutput#errors #errors} => Array&lt;Types::BatchSecurityRequirementError&gt;
1704
+ #
1705
+ # @example Request syntax with placeholder values
1706
+ #
1707
+ # resp = client.batch_update_security_requirements({
1708
+ # pack_id: "SecurityRequirementPackId", # required
1709
+ # security_requirements: [ # required
1710
+ # {
1711
+ # name: "SecurityRequirementName", # required
1712
+ # description: "String",
1713
+ # domain: "String",
1714
+ # evaluation: "String",
1715
+ # remediation: "String",
1716
+ # },
1717
+ # ],
1718
+ # })
1719
+ #
1720
+ # @example Response structure
1721
+ #
1722
+ # resp.updated_security_requirement_names #=> Array
1723
+ # resp.updated_security_requirement_names[0] #=> String
1724
+ # resp.errors #=> Array
1725
+ # resp.errors[0].security_requirement_name #=> String
1726
+ # resp.errors[0].code #=> String
1727
+ # resp.errors[0].message #=> String
1728
+ #
1729
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/BatchUpdateSecurityRequirements AWS API Documentation
1730
+ #
1731
+ # @overload batch_update_security_requirements(params = {})
1732
+ # @param [Hash] params ({})
1733
+ def batch_update_security_requirements(params = {}, options = {})
1734
+ req = build_request(:batch_update_security_requirements, params)
1735
+ req.send_request(options)
1736
+ end
1737
+
1246
1738
  # Creates a new agent space. An agent space is a dedicated workspace for
1247
1739
  # securing a specific application.
1248
1740
  #
@@ -1419,6 +1911,10 @@ module Aws::SecurityAgent
1419
1911
  # The code remediation strategy for the code review. Valid values are
1420
1912
  # AUTOMATIC and DISABLED.
1421
1913
  #
1914
+ # @option params [String] :validation_mode
1915
+ # The validation mode for the code review. Valid values are SIMULATED
1916
+ # and DISABLED.
1917
+ #
1422
1918
  # @return [Types::CreateCodeReviewOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1423
1919
  #
1424
1920
  # * {Types::CreateCodeReviewOutput#code_review_id #code_review_id} => String
@@ -1430,6 +1926,7 @@ module Aws::SecurityAgent
1430
1926
  # * {Types::CreateCodeReviewOutput#log_config #log_config} => Types::CloudWatchLog
1431
1927
  # * {Types::CreateCodeReviewOutput#agent_space_id #agent_space_id} => String
1432
1928
  # * {Types::CreateCodeReviewOutput#code_remediation_strategy #code_remediation_strategy} => String
1929
+ # * {Types::CreateCodeReviewOutput#validation_mode #validation_mode} => String
1433
1930
  #
1434
1931
  # @example Request syntax with placeholder values
1435
1932
  #
@@ -1457,6 +1954,10 @@ module Aws::SecurityAgent
1457
1954
  # {
1458
1955
  # s3_location: "String",
1459
1956
  # artifact_id: "String",
1957
+ # integrated_document: {
1958
+ # integration_id: "String", # required
1959
+ # resource_id: "String", # required
1960
+ # },
1460
1961
  # },
1461
1962
  # ],
1462
1963
  # source_code: [
@@ -1477,6 +1978,7 @@ module Aws::SecurityAgent
1477
1978
  # log_stream: "String",
1478
1979
  # },
1479
1980
  # code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
1981
+ # validation_mode: "DISABLED", # accepts DISABLED, SIMULATED
1480
1982
  # })
1481
1983
  #
1482
1984
  # @example Response structure
@@ -1497,6 +1999,8 @@ module Aws::SecurityAgent
1497
1999
  # resp.assets.documents #=> Array
1498
2000
  # resp.assets.documents[0].s3_location #=> String
1499
2001
  # resp.assets.documents[0].artifact_id #=> String
2002
+ # resp.assets.documents[0].integrated_document.integration_id #=> String
2003
+ # resp.assets.documents[0].integrated_document.resource_id #=> String
1500
2004
  # resp.assets.source_code #=> Array
1501
2005
  # resp.assets.source_code[0].s3_location #=> String
1502
2006
  # resp.assets.integrated_repositories #=> Array
@@ -1507,6 +2011,7 @@ module Aws::SecurityAgent
1507
2011
  # resp.log_config.log_stream #=> String
1508
2012
  # resp.agent_space_id #=> String
1509
2013
  # resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
2014
+ # resp.validation_mode #=> String, one of "DISABLED", "SIMULATED"
1510
2015
  #
1511
2016
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/CreateCodeReview AWS API Documentation
1512
2017
  #
@@ -1536,6 +2041,11 @@ module Aws::SecurityAgent
1536
2041
  # @option params [Hash<String,String>] :tags
1537
2042
  # The tags to associate with the integration.
1538
2043
  #
2044
+ # @option params [String] :private_connection_name
2045
+ # The name of an active private connection used to reach a self-hosted
2046
+ # provider instance over private networking. Specify this when the
2047
+ # instance is not publicly reachable.
2048
+ #
1539
2049
  # @return [Types::CreateIntegrationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1540
2050
  #
1541
2051
  # * {Types::CreateIntegrationOutput#integration_id #integration_id} => String
@@ -1543,12 +2053,32 @@ module Aws::SecurityAgent
1543
2053
  # @example Request syntax with placeholder values
1544
2054
  #
1545
2055
  # resp = client.create_integration({
1546
- # provider: "GITHUB", # required, accepts GITHUB
2056
+ # provider: "GITHUB", # required, accepts GITHUB, GITLAB, BITBUCKET, CONFLUENCE
1547
2057
  # input: { # required
1548
2058
  # github: {
1549
2059
  # code: "AuthCode", # required
1550
2060
  # state: "CsrfState", # required
1551
2061
  # organization_name: "String",
2062
+ # target_url: "TargetUrl",
2063
+ # installation_id: "String",
2064
+ # },
2065
+ # gitlab: {
2066
+ # access_token: "AccessToken", # required
2067
+ # target_url: "TargetUrl",
2068
+ # token_type: "PERSONAL", # required, accepts PERSONAL, GROUP
2069
+ # group_id: "String",
2070
+ # },
2071
+ # bitbucket: {
2072
+ # installation_id: "BitbucketInstallationId", # required
2073
+ # workspace: "BitbucketWorkspace", # required
2074
+ # code: "AuthCode", # required
2075
+ # state: "CsrfState", # required
2076
+ # },
2077
+ # confluence: {
2078
+ # installation_id: "ConfluenceInstallationId", # required
2079
+ # code: "AuthCode", # required
2080
+ # state: "CsrfState", # required
2081
+ # site_url: "ConfluenceSiteUrl", # required
1552
2082
  # },
1553
2083
  # },
1554
2084
  # integration_display_name: "String", # required
@@ -1556,6 +2086,7 @@ module Aws::SecurityAgent
1556
2086
  # tags: {
1557
2087
  # "TagKey" => "TagValue",
1558
2088
  # },
2089
+ # private_connection_name: "PrivateConnectionName",
1559
2090
  # })
1560
2091
  #
1561
2092
  # @example Response structure
@@ -1649,6 +2180,10 @@ module Aws::SecurityAgent
1649
2180
  # The code remediation strategy for the pentest. Valid values are
1650
2181
  # AUTOMATIC and DISABLED.
1651
2182
  #
2183
+ # @option params [Array<String>] :disable_managed_skills
2184
+ # A list of managed skills to disable for this pentest. Valid values
2185
+ # include FINDING\_PERSONALIZATION and LOGIN\_OPTIMIZATION.
2186
+ #
1652
2187
  # @return [Types::CreatePentestOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1653
2188
  #
1654
2189
  # * {Types::CreatePentestOutput#pentest_id #pentest_id} => String
@@ -1687,6 +2222,10 @@ module Aws::SecurityAgent
1687
2222
  # {
1688
2223
  # s3_location: "String",
1689
2224
  # artifact_id: "String",
2225
+ # integrated_document: {
2226
+ # integration_id: "String", # required
2227
+ # resource_id: "String", # required
2228
+ # },
1690
2229
  # },
1691
2230
  # ],
1692
2231
  # source_code: [
@@ -1728,6 +2267,7 @@ module Aws::SecurityAgent
1728
2267
  # ],
1729
2268
  # },
1730
2269
  # code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
2270
+ # disable_managed_skills: ["FINDING_PERSONALIZATION"], # accepts FINDING_PERSONALIZATION, LOGIN_OPTIMIZATION
1731
2271
  # })
1732
2272
  #
1733
2273
  # @example Response structure
@@ -1748,6 +2288,8 @@ module Aws::SecurityAgent
1748
2288
  # resp.assets.documents #=> Array
1749
2289
  # resp.assets.documents[0].s3_location #=> String
1750
2290
  # resp.assets.documents[0].artifact_id #=> String
2291
+ # resp.assets.documents[0].integrated_document.integration_id #=> String
2292
+ # resp.assets.documents[0].integrated_document.resource_id #=> String
1751
2293
  # resp.assets.source_code #=> Array
1752
2294
  # resp.assets.source_code[0].s3_location #=> String
1753
2295
  # resp.assets.integrated_repositories #=> Array
@@ -1769,6 +2311,133 @@ module Aws::SecurityAgent
1769
2311
  req.send_request(options)
1770
2312
  end
1771
2313
 
2314
+ # Creates a private connection for reaching a self-hosted provider
2315
+ # instance over private networking using Amazon VPC Lattice.
2316
+ #
2317
+ # @option params [required, String] :private_connection_name
2318
+ # A unique name for the private connection within your account.
2319
+ #
2320
+ # @option params [required, Types::PrivateConnectionMode] :mode
2321
+ # The configuration for the private connection. Specify either a
2322
+ # service-managed or a self-managed mode.
2323
+ #
2324
+ # @option params [Hash<String,String>] :tags
2325
+ # The tags to attach to the private connection.
2326
+ #
2327
+ # @return [Types::CreatePrivateConnectionOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2328
+ #
2329
+ # * {Types::CreatePrivateConnectionOutput#name #name} => String
2330
+ # * {Types::CreatePrivateConnectionOutput#type #type} => String
2331
+ # * {Types::CreatePrivateConnectionOutput#status #status} => String
2332
+ # * {Types::CreatePrivateConnectionOutput#resource_gateway_id #resource_gateway_id} => String
2333
+ # * {Types::CreatePrivateConnectionOutput#host_address #host_address} => String
2334
+ # * {Types::CreatePrivateConnectionOutput#vpc_id #vpc_id} => String
2335
+ # * {Types::CreatePrivateConnectionOutput#resource_configuration_id #resource_configuration_id} => String
2336
+ # * {Types::CreatePrivateConnectionOutput#certificate_expiry_time #certificate_expiry_time} => Time
2337
+ # * {Types::CreatePrivateConnectionOutput#dns_resolution #dns_resolution} => String
2338
+ # * {Types::CreatePrivateConnectionOutput#failure_message #failure_message} => String
2339
+ # * {Types::CreatePrivateConnectionOutput#tags #tags} => Hash&lt;String,String&gt;
2340
+ #
2341
+ # @example Request syntax with placeholder values
2342
+ #
2343
+ # resp = client.create_private_connection({
2344
+ # private_connection_name: "PrivateConnectionName", # required
2345
+ # mode: { # required
2346
+ # service_managed: {
2347
+ # host_address: "HostAddress", # required
2348
+ # vpc_id: "PrivateConnectionVpcId", # required
2349
+ # subnet_ids: ["PrivateConnectionSubnetId"], # required
2350
+ # security_group_ids: ["PrivateConnectionSecurityGroupId"],
2351
+ # ip_address_type: "IPV4", # accepts IPV4, IPV6, DUAL_STACK
2352
+ # ipv4_addresses_per_eni: 1,
2353
+ # port_ranges: ["PortRange"],
2354
+ # certificate: "CertificateChain",
2355
+ # dns_resolution: "PUBLIC", # accepts PUBLIC, IN_VPC
2356
+ # },
2357
+ # self_managed: {
2358
+ # resource_configuration_id: "ResourceConfigurationId", # required
2359
+ # certificate: "CertificateChain",
2360
+ # },
2361
+ # },
2362
+ # tags: {
2363
+ # "TagKey" => "TagValue",
2364
+ # },
2365
+ # })
2366
+ #
2367
+ # @example Response structure
2368
+ #
2369
+ # resp.name #=> String
2370
+ # resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
2371
+ # resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
2372
+ # resp.resource_gateway_id #=> String
2373
+ # resp.host_address #=> String
2374
+ # resp.vpc_id #=> String
2375
+ # resp.resource_configuration_id #=> String
2376
+ # resp.certificate_expiry_time #=> Time
2377
+ # resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
2378
+ # resp.failure_message #=> String
2379
+ # resp.tags #=> Hash
2380
+ # resp.tags["TagKey"] #=> String
2381
+ #
2382
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/CreatePrivateConnection AWS API Documentation
2383
+ #
2384
+ # @overload create_private_connection(params = {})
2385
+ # @param [Hash] params ({})
2386
+ def create_private_connection(params = {}, options = {})
2387
+ req = build_request(:create_private_connection, params)
2388
+ req.send_request(options)
2389
+ end
2390
+
2391
+ # Creates a customer managed security requirement pack.
2392
+ #
2393
+ # @option params [required, String] :name
2394
+ # The name of the security requirement pack.
2395
+ #
2396
+ # @option params [String] :description
2397
+ # A description of the security requirement pack.
2398
+ #
2399
+ # @option params [String] :status
2400
+ # The status of the pack. Defaults to ENABLED if not provided.
2401
+ #
2402
+ # @option params [String] :kms_key_id
2403
+ # The identifier of the AWS KMS key used to encrypt pack contents.
2404
+ #
2405
+ # @option params [Hash<String,String>] :tags
2406
+ # The tags to associate with the security requirement pack.
2407
+ #
2408
+ # @return [Types::CreateSecurityRequirementPackOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2409
+ #
2410
+ # * {Types::CreateSecurityRequirementPackOutput#pack_id #pack_id} => String
2411
+ # * {Types::CreateSecurityRequirementPackOutput#status #status} => String
2412
+ # * {Types::CreateSecurityRequirementPackOutput#kms_key_id #kms_key_id} => String
2413
+ #
2414
+ # @example Request syntax with placeholder values
2415
+ #
2416
+ # resp = client.create_security_requirement_pack({
2417
+ # name: "SecurityRequirementPackName", # required
2418
+ # description: "String",
2419
+ # status: "ENABLED", # accepts ENABLED, DISABLED
2420
+ # kms_key_id: "KmsKeyId",
2421
+ # tags: {
2422
+ # "TagKey" => "TagValue",
2423
+ # },
2424
+ # })
2425
+ #
2426
+ # @example Response structure
2427
+ #
2428
+ # resp.pack_id #=> String
2429
+ # resp.status #=> String, one of "ENABLED", "DISABLED"
2430
+ # resp.kms_key_id #=> String
2431
+ #
2432
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/CreateSecurityRequirementPack AWS API Documentation
2433
+ #
2434
+ # @overload create_security_requirement_pack(params = {})
2435
+ # @param [Hash] params ({})
2436
+ def create_security_requirement_pack(params = {}, options = {})
2437
+ req = build_request(:create_security_requirement_pack, params)
2438
+ req.send_request(options)
2439
+ end
2440
+
1772
2441
  # Creates a new target domain for penetration testing. A target domain
1773
2442
  # is a web domain that must be registered and verified before it can be
1774
2443
  # tested.
@@ -1827,11 +2496,310 @@ module Aws::SecurityAgent
1827
2496
  req.send_request(options)
1828
2497
  end
1829
2498
 
1830
- # Deletes an agent space and all of its associated resources, including
1831
- # pentests, findings, and artifacts.
2499
+ # Creates a new threat under a threat model job.
1832
2500
  #
1833
2501
  # @option params [required, String] :agent_space_id
1834
- # The unique identifier of the agent space to delete.
2502
+ # The unique identifier of the agent space.
2503
+ #
2504
+ # @option params [required, String] :threat_job_id
2505
+ # The unique identifier of the threat model job the threat belongs to.
2506
+ #
2507
+ # @option params [String] :title
2508
+ # A short title summarizing the threat.
2509
+ #
2510
+ # @option params [String] :statement
2511
+ # The natural-language threat statement.
2512
+ #
2513
+ # @option params [String] :severity
2514
+ # The severity level of the threat.
2515
+ #
2516
+ # @option params [String] :comments
2517
+ # Optional customer comment on the threat.
2518
+ #
2519
+ # @option params [Array<String>] :stride
2520
+ # The STRIDE categories applicable to this threat.
2521
+ #
2522
+ # @option params [String] :threat_source
2523
+ # The actor or origin of the threat.
2524
+ #
2525
+ # @option params [String] :prerequisites
2526
+ # The conditions required for the threat to be exploitable.
2527
+ #
2528
+ # @option params [String] :threat_action
2529
+ # What the threat source can do.
2530
+ #
2531
+ # @option params [String] :threat_impact
2532
+ # The direct consequence of the threat action.
2533
+ #
2534
+ # @option params [Array<String>] :impacted_goal
2535
+ # The security goals affected by the threat.
2536
+ #
2537
+ # @option params [Array<String>] :impacted_assets
2538
+ # The specific assets affected by the threat.
2539
+ #
2540
+ # @option params [Types::ThreatAnchorShape] :anchor
2541
+ # The DFD element this threat is anchored to.
2542
+ #
2543
+ # @option params [Array<Types::ThreatEvidenceShape>] :evidence
2544
+ # The source code files supporting the threat.
2545
+ #
2546
+ # @option params [String] :recommendation
2547
+ # The recommended mitigation guidance for this threat.
2548
+ #
2549
+ # @return [Types::CreateThreatOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2550
+ #
2551
+ # * {Types::CreateThreatOutput#threat_id #threat_id} => String
2552
+ # * {Types::CreateThreatOutput#threat_job_id #threat_job_id} => String
2553
+ # * {Types::CreateThreatOutput#title #title} => String
2554
+ # * {Types::CreateThreatOutput#statement #statement} => String
2555
+ # * {Types::CreateThreatOutput#severity #severity} => String
2556
+ # * {Types::CreateThreatOutput#status #status} => String
2557
+ # * {Types::CreateThreatOutput#comments #comments} => String
2558
+ # * {Types::CreateThreatOutput#stride #stride} => Array&lt;String&gt;
2559
+ # * {Types::CreateThreatOutput#threat_source #threat_source} => String
2560
+ # * {Types::CreateThreatOutput#prerequisites #prerequisites} => String
2561
+ # * {Types::CreateThreatOutput#threat_action #threat_action} => String
2562
+ # * {Types::CreateThreatOutput#threat_impact #threat_impact} => String
2563
+ # * {Types::CreateThreatOutput#impacted_goal #impacted_goal} => Array&lt;String&gt;
2564
+ # * {Types::CreateThreatOutput#impacted_assets #impacted_assets} => Array&lt;String&gt;
2565
+ # * {Types::CreateThreatOutput#anchor #anchor} => Types::ThreatAnchorShape
2566
+ # * {Types::CreateThreatOutput#evidence #evidence} => Array&lt;Types::ThreatEvidenceShape&gt;
2567
+ # * {Types::CreateThreatOutput#recommendation #recommendation} => String
2568
+ # * {Types::CreateThreatOutput#created_by #created_by} => String
2569
+ # * {Types::CreateThreatOutput#updated_by #updated_by} => String
2570
+ # * {Types::CreateThreatOutput#created_at #created_at} => Time
2571
+ # * {Types::CreateThreatOutput#updated_at #updated_at} => Time
2572
+ #
2573
+ # @example Request syntax with placeholder values
2574
+ #
2575
+ # resp = client.create_threat({
2576
+ # agent_space_id: "String", # required
2577
+ # threat_job_id: "String", # required
2578
+ # title: "String",
2579
+ # statement: "String",
2580
+ # severity: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFO
2581
+ # comments: "String",
2582
+ # stride: ["SPOOFING"], # accepts SPOOFING, TAMPERING, REPUDIATION, INFORMATION_DISCLOSURE, DENIAL_OF_SERVICE, ELEVATION_OF_PRIVILEGE
2583
+ # threat_source: "String",
2584
+ # prerequisites: "String",
2585
+ # threat_action: "String",
2586
+ # threat_impact: "String",
2587
+ # impacted_goal: ["String"],
2588
+ # impacted_assets: ["String"],
2589
+ # anchor: {
2590
+ # kind: "String",
2591
+ # id: "String",
2592
+ # package_id: "String",
2593
+ # },
2594
+ # evidence: [
2595
+ # {
2596
+ # package_id: "String",
2597
+ # path: "String",
2598
+ # },
2599
+ # ],
2600
+ # recommendation: "String",
2601
+ # })
2602
+ #
2603
+ # @example Response structure
2604
+ #
2605
+ # resp.threat_id #=> String
2606
+ # resp.threat_job_id #=> String
2607
+ # resp.title #=> String
2608
+ # resp.statement #=> String
2609
+ # resp.severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
2610
+ # resp.status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
2611
+ # resp.comments #=> String
2612
+ # resp.stride #=> Array
2613
+ # resp.stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
2614
+ # resp.threat_source #=> String
2615
+ # resp.prerequisites #=> String
2616
+ # resp.threat_action #=> String
2617
+ # resp.threat_impact #=> String
2618
+ # resp.impacted_goal #=> Array
2619
+ # resp.impacted_goal[0] #=> String
2620
+ # resp.impacted_assets #=> Array
2621
+ # resp.impacted_assets[0] #=> String
2622
+ # resp.anchor.kind #=> String
2623
+ # resp.anchor.id #=> String
2624
+ # resp.anchor.package_id #=> String
2625
+ # resp.evidence #=> Array
2626
+ # resp.evidence[0].package_id #=> String
2627
+ # resp.evidence[0].path #=> String
2628
+ # resp.recommendation #=> String
2629
+ # resp.created_by #=> String, one of "CUSTOMER", "AGENT"
2630
+ # resp.updated_by #=> String, one of "CUSTOMER", "AGENT"
2631
+ # resp.created_at #=> Time
2632
+ # resp.updated_at #=> Time
2633
+ #
2634
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/CreateThreat AWS API Documentation
2635
+ #
2636
+ # @overload create_threat(params = {})
2637
+ # @param [Hash] params ({})
2638
+ def create_threat(params = {}, options = {})
2639
+ req = build_request(:create_threat, params)
2640
+ req.send_request(options)
2641
+ end
2642
+
2643
+ # Creates a new threat model configuration in an agent space. A threat
2644
+ # model defines the parameters for automated threat analysis.
2645
+ #
2646
+ # @option params [required, String] :title
2647
+ # The title of the threat model.
2648
+ #
2649
+ # @option params [required, String] :agent_space_id
2650
+ # The unique identifier of the agent space to create the threat model
2651
+ # in.
2652
+ #
2653
+ # @option params [String] :description
2654
+ # A description of the application or system being threat modeled.
2655
+ #
2656
+ # @option params [Types::Assets] :assets
2657
+ # The assets to include in the threat model.
2658
+ #
2659
+ # @option params [Array<Types::DocumentInfo>] :scope_docs
2660
+ # The scoped documents for the agent to focus on during threat modeling.
2661
+ #
2662
+ # @option params [required, String] :service_role
2663
+ # The IAM service role to use for the threat model.
2664
+ #
2665
+ # @option params [Types::CloudWatchLog] :log_config
2666
+ # The CloudWatch Logs configuration for the threat model.
2667
+ #
2668
+ # @option params [Types::ReportDestination] :report_destination
2669
+ # The destination for publishing scan reports to an integrated document
2670
+ # provider.
2671
+ #
2672
+ # @return [Types::CreateThreatModelOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2673
+ #
2674
+ # * {Types::CreateThreatModelOutput#threat_model_id #threat_model_id} => String
2675
+ # * {Types::CreateThreatModelOutput#title #title} => String
2676
+ # * {Types::CreateThreatModelOutput#agent_space_id #agent_space_id} => String
2677
+ # * {Types::CreateThreatModelOutput#description #description} => String
2678
+ # * {Types::CreateThreatModelOutput#assets #assets} => Types::Assets
2679
+ # * {Types::CreateThreatModelOutput#scope_docs #scope_docs} => Array&lt;Types::DocumentInfo&gt;
2680
+ # * {Types::CreateThreatModelOutput#service_role #service_role} => String
2681
+ # * {Types::CreateThreatModelOutput#log_config #log_config} => Types::CloudWatchLog
2682
+ # * {Types::CreateThreatModelOutput#created_at #created_at} => Time
2683
+ # * {Types::CreateThreatModelOutput#updated_at #updated_at} => Time
2684
+ #
2685
+ # @example Request syntax with placeholder values
2686
+ #
2687
+ # resp = client.create_threat_model({
2688
+ # title: "String", # required
2689
+ # agent_space_id: "String", # required
2690
+ # description: "String",
2691
+ # assets: {
2692
+ # endpoints: [
2693
+ # {
2694
+ # uri: "String",
2695
+ # },
2696
+ # ],
2697
+ # actors: [
2698
+ # {
2699
+ # identifier: "String",
2700
+ # uris: ["String"],
2701
+ # authentication: {
2702
+ # provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
2703
+ # value: "String",
2704
+ # },
2705
+ # description: "String",
2706
+ # },
2707
+ # ],
2708
+ # documents: [
2709
+ # {
2710
+ # s3_location: "String",
2711
+ # artifact_id: "String",
2712
+ # integrated_document: {
2713
+ # integration_id: "String", # required
2714
+ # resource_id: "String", # required
2715
+ # },
2716
+ # },
2717
+ # ],
2718
+ # source_code: [
2719
+ # {
2720
+ # s3_location: "String",
2721
+ # },
2722
+ # ],
2723
+ # integrated_repositories: [
2724
+ # {
2725
+ # integration_id: "String", # required
2726
+ # provider_resource_id: "String", # required
2727
+ # },
2728
+ # ],
2729
+ # },
2730
+ # scope_docs: [
2731
+ # {
2732
+ # s3_location: "String",
2733
+ # artifact_id: "String",
2734
+ # integrated_document: {
2735
+ # integration_id: "String", # required
2736
+ # resource_id: "String", # required
2737
+ # },
2738
+ # },
2739
+ # ],
2740
+ # service_role: "ServiceRole", # required
2741
+ # log_config: {
2742
+ # log_group: "String",
2743
+ # log_stream: "String",
2744
+ # },
2745
+ # report_destination: {
2746
+ # integration_id: "String", # required
2747
+ # container_id: "String", # required
2748
+ # parent_id: "String",
2749
+ # document_id: "String",
2750
+ # },
2751
+ # })
2752
+ #
2753
+ # @example Response structure
2754
+ #
2755
+ # resp.threat_model_id #=> String
2756
+ # resp.title #=> String
2757
+ # resp.agent_space_id #=> String
2758
+ # resp.description #=> String
2759
+ # resp.assets.endpoints #=> Array
2760
+ # resp.assets.endpoints[0].uri #=> String
2761
+ # resp.assets.actors #=> Array
2762
+ # resp.assets.actors[0].identifier #=> String
2763
+ # resp.assets.actors[0].uris #=> Array
2764
+ # resp.assets.actors[0].uris[0] #=> String
2765
+ # resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
2766
+ # resp.assets.actors[0].authentication.value #=> String
2767
+ # resp.assets.actors[0].description #=> String
2768
+ # resp.assets.documents #=> Array
2769
+ # resp.assets.documents[0].s3_location #=> String
2770
+ # resp.assets.documents[0].artifact_id #=> String
2771
+ # resp.assets.documents[0].integrated_document.integration_id #=> String
2772
+ # resp.assets.documents[0].integrated_document.resource_id #=> String
2773
+ # resp.assets.source_code #=> Array
2774
+ # resp.assets.source_code[0].s3_location #=> String
2775
+ # resp.assets.integrated_repositories #=> Array
2776
+ # resp.assets.integrated_repositories[0].integration_id #=> String
2777
+ # resp.assets.integrated_repositories[0].provider_resource_id #=> String
2778
+ # resp.scope_docs #=> Array
2779
+ # resp.scope_docs[0].s3_location #=> String
2780
+ # resp.scope_docs[0].artifact_id #=> String
2781
+ # resp.scope_docs[0].integrated_document.integration_id #=> String
2782
+ # resp.scope_docs[0].integrated_document.resource_id #=> String
2783
+ # resp.service_role #=> String
2784
+ # resp.log_config.log_group #=> String
2785
+ # resp.log_config.log_stream #=> String
2786
+ # resp.created_at #=> Time
2787
+ # resp.updated_at #=> Time
2788
+ #
2789
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/CreateThreatModel AWS API Documentation
2790
+ #
2791
+ # @overload create_threat_model(params = {})
2792
+ # @param [Hash] params ({})
2793
+ def create_threat_model(params = {}, options = {})
2794
+ req = build_request(:create_threat_model, params)
2795
+ req.send_request(options)
2796
+ end
2797
+
2798
+ # Deletes an agent space and all of its associated resources, including
2799
+ # pentests, findings, and artifacts.
2800
+ #
2801
+ # @option params [required, String] :agent_space_id
2802
+ # The unique identifier of the agent space to delete.
1835
2803
  #
1836
2804
  # @return [Types::DeleteAgentSpaceOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1837
2805
  #
@@ -1962,6 +2930,78 @@ module Aws::SecurityAgent
1962
2930
  req.send_request(options)
1963
2931
  end
1964
2932
 
2933
+ # Deletes a private connection.
2934
+ #
2935
+ # @option params [required, String] :private_connection_name
2936
+ # The name of the private connection to delete.
2937
+ #
2938
+ # @return [Types::DeletePrivateConnectionOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2939
+ #
2940
+ # * {Types::DeletePrivateConnectionOutput#name #name} => String
2941
+ # * {Types::DeletePrivateConnectionOutput#type #type} => String
2942
+ # * {Types::DeletePrivateConnectionOutput#status #status} => String
2943
+ # * {Types::DeletePrivateConnectionOutput#resource_gateway_id #resource_gateway_id} => String
2944
+ # * {Types::DeletePrivateConnectionOutput#host_address #host_address} => String
2945
+ # * {Types::DeletePrivateConnectionOutput#vpc_id #vpc_id} => String
2946
+ # * {Types::DeletePrivateConnectionOutput#resource_configuration_id #resource_configuration_id} => String
2947
+ # * {Types::DeletePrivateConnectionOutput#certificate_expiry_time #certificate_expiry_time} => Time
2948
+ # * {Types::DeletePrivateConnectionOutput#dns_resolution #dns_resolution} => String
2949
+ # * {Types::DeletePrivateConnectionOutput#failure_message #failure_message} => String
2950
+ # * {Types::DeletePrivateConnectionOutput#tags #tags} => Hash&lt;String,String&gt;
2951
+ #
2952
+ # @example Request syntax with placeholder values
2953
+ #
2954
+ # resp = client.delete_private_connection({
2955
+ # private_connection_name: "PrivateConnectionName", # required
2956
+ # })
2957
+ #
2958
+ # @example Response structure
2959
+ #
2960
+ # resp.name #=> String
2961
+ # resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
2962
+ # resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
2963
+ # resp.resource_gateway_id #=> String
2964
+ # resp.host_address #=> String
2965
+ # resp.vpc_id #=> String
2966
+ # resp.resource_configuration_id #=> String
2967
+ # resp.certificate_expiry_time #=> Time
2968
+ # resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
2969
+ # resp.failure_message #=> String
2970
+ # resp.tags #=> Hash
2971
+ # resp.tags["TagKey"] #=> String
2972
+ #
2973
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/DeletePrivateConnection AWS API Documentation
2974
+ #
2975
+ # @overload delete_private_connection(params = {})
2976
+ # @param [Hash] params ({})
2977
+ def delete_private_connection(params = {}, options = {})
2978
+ req = build_request(:delete_private_connection, params)
2979
+ req.send_request(options)
2980
+ end
2981
+
2982
+ # Deletes a customer managed security requirement pack and all its
2983
+ # associated security requirements.
2984
+ #
2985
+ # @option params [required, String] :pack_id
2986
+ # The unique identifier of the security requirement pack to delete.
2987
+ #
2988
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2989
+ #
2990
+ # @example Request syntax with placeholder values
2991
+ #
2992
+ # resp = client.delete_security_requirement_pack({
2993
+ # pack_id: "SecurityRequirementPackId", # required
2994
+ # })
2995
+ #
2996
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/DeleteSecurityRequirementPack AWS API Documentation
2997
+ #
2998
+ # @overload delete_security_requirement_pack(params = {})
2999
+ # @param [Hash] params ({})
3000
+ def delete_security_requirement_pack(params = {}, options = {})
3001
+ req = build_request(:delete_security_requirement_pack, params)
3002
+ req.send_request(options)
3003
+ end
3004
+
1965
3005
  # Deletes a target domain registration. After deletion, the domain can
1966
3006
  # no longer be used for penetration testing.
1967
3007
  #
@@ -1991,6 +3031,55 @@ module Aws::SecurityAgent
1991
3031
  req.send_request(options)
1992
3032
  end
1993
3033
 
3034
+ # Retrieves the details of a private connection.
3035
+ #
3036
+ # @option params [required, String] :private_connection_name
3037
+ # The name of the private connection to describe.
3038
+ #
3039
+ # @return [Types::DescribePrivateConnectionOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3040
+ #
3041
+ # * {Types::DescribePrivateConnectionOutput#name #name} => String
3042
+ # * {Types::DescribePrivateConnectionOutput#type #type} => String
3043
+ # * {Types::DescribePrivateConnectionOutput#status #status} => String
3044
+ # * {Types::DescribePrivateConnectionOutput#resource_gateway_id #resource_gateway_id} => String
3045
+ # * {Types::DescribePrivateConnectionOutput#host_address #host_address} => String
3046
+ # * {Types::DescribePrivateConnectionOutput#vpc_id #vpc_id} => String
3047
+ # * {Types::DescribePrivateConnectionOutput#resource_configuration_id #resource_configuration_id} => String
3048
+ # * {Types::DescribePrivateConnectionOutput#certificate_expiry_time #certificate_expiry_time} => Time
3049
+ # * {Types::DescribePrivateConnectionOutput#dns_resolution #dns_resolution} => String
3050
+ # * {Types::DescribePrivateConnectionOutput#failure_message #failure_message} => String
3051
+ # * {Types::DescribePrivateConnectionOutput#tags #tags} => Hash&lt;String,String&gt;
3052
+ #
3053
+ # @example Request syntax with placeholder values
3054
+ #
3055
+ # resp = client.describe_private_connection({
3056
+ # private_connection_name: "PrivateConnectionName", # required
3057
+ # })
3058
+ #
3059
+ # @example Response structure
3060
+ #
3061
+ # resp.name #=> String
3062
+ # resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
3063
+ # resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
3064
+ # resp.resource_gateway_id #=> String
3065
+ # resp.host_address #=> String
3066
+ # resp.vpc_id #=> String
3067
+ # resp.resource_configuration_id #=> String
3068
+ # resp.certificate_expiry_time #=> Time
3069
+ # resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
3070
+ # resp.failure_message #=> String
3071
+ # resp.tags #=> Hash
3072
+ # resp.tags["TagKey"] #=> String
3073
+ #
3074
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/DescribePrivateConnection AWS API Documentation
3075
+ #
3076
+ # @overload describe_private_connection(params = {})
3077
+ # @param [Hash] params ({})
3078
+ def describe_private_connection(params = {}, options = {})
3079
+ req = build_request(:describe_private_connection, params)
3080
+ req.send_request(options)
3081
+ end
3082
+
1994
3083
  # Retrieves information about an application.
1995
3084
  #
1996
3085
  # @option params [required, String] :application_id
@@ -2084,6 +3173,8 @@ module Aws::SecurityAgent
2084
3173
  # * {Types::GetIntegrationOutput#provider_type #provider_type} => String
2085
3174
  # * {Types::GetIntegrationOutput#display_name #display_name} => String
2086
3175
  # * {Types::GetIntegrationOutput#kms_key_id #kms_key_id} => String
3176
+ # * {Types::GetIntegrationOutput#target_url #target_url} => String
3177
+ # * {Types::GetIntegrationOutput#private_connection_name #private_connection_name} => String
2087
3178
  #
2088
3179
  # @example Request syntax with placeholder values
2089
3180
  #
@@ -2095,10 +3186,12 @@ module Aws::SecurityAgent
2095
3186
  #
2096
3187
  # resp.integration_id #=> String
2097
3188
  # resp.installation_id #=> String
2098
- # resp.provider #=> String, one of "GITHUB"
3189
+ # resp.provider #=> String, one of "GITHUB", "GITLAB", "BITBUCKET", "CONFLUENCE"
2099
3190
  # resp.provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
2100
3191
  # resp.display_name #=> String
2101
3192
  # resp.kms_key_id #=> String
3193
+ # resp.target_url #=> String
3194
+ # resp.private_connection_name #=> String
2102
3195
  #
2103
3196
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/GetIntegration AWS API Documentation
2104
3197
  #
@@ -2109,6 +3202,99 @@ module Aws::SecurityAgent
2109
3202
  req.send_request(options)
2110
3203
  end
2111
3204
 
3205
+ # Retrieves information about a security requirement pack.
3206
+ #
3207
+ # @option params [required, String] :pack_id
3208
+ # The unique identifier of the security requirement pack to retrieve.
3209
+ #
3210
+ # @return [Types::GetSecurityRequirementPackOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3211
+ #
3212
+ # * {Types::GetSecurityRequirementPackOutput#pack_id #pack_id} => String
3213
+ # * {Types::GetSecurityRequirementPackOutput#name #name} => String
3214
+ # * {Types::GetSecurityRequirementPackOutput#description #description} => String
3215
+ # * {Types::GetSecurityRequirementPackOutput#vendor_name #vendor_name} => String
3216
+ # * {Types::GetSecurityRequirementPackOutput#management_type #management_type} => String
3217
+ # * {Types::GetSecurityRequirementPackOutput#status #status} => String
3218
+ # * {Types::GetSecurityRequirementPackOutput#import_status #import_status} => String
3219
+ # * {Types::GetSecurityRequirementPackOutput#created_at #created_at} => Time
3220
+ # * {Types::GetSecurityRequirementPackOutput#updated_at #updated_at} => Time
3221
+ # * {Types::GetSecurityRequirementPackOutput#kms_key_id #kms_key_id} => String
3222
+ #
3223
+ # @example Request syntax with placeholder values
3224
+ #
3225
+ # resp = client.get_security_requirement_pack({
3226
+ # pack_id: "SecurityRequirementPackId", # required
3227
+ # })
3228
+ #
3229
+ # @example Response structure
3230
+ #
3231
+ # resp.pack_id #=> String
3232
+ # resp.name #=> String
3233
+ # resp.description #=> String
3234
+ # resp.vendor_name #=> String
3235
+ # resp.management_type #=> String, one of "AWS_MANAGED", "CUSTOMER_MANAGED"
3236
+ # resp.status #=> String, one of "ENABLED", "DISABLED"
3237
+ # resp.import_status #=> String, one of "PENDING", "IN_PROGRESS", "FAILED", "COMPLETED"
3238
+ # resp.created_at #=> Time
3239
+ # resp.updated_at #=> Time
3240
+ # resp.kms_key_id #=> String
3241
+ #
3242
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/GetSecurityRequirementPack AWS API Documentation
3243
+ #
3244
+ # @overload get_security_requirement_pack(params = {})
3245
+ # @param [Hash] params ({})
3246
+ def get_security_requirement_pack(params = {}, options = {})
3247
+ req = build_request(:get_security_requirement_pack, params)
3248
+ req.send_request(options)
3249
+ end
3250
+
3251
+ # Imports security requirements from uploaded documents into a customer
3252
+ # managed security requirement pack. The import process asynchronously
3253
+ # extracts and generates structured security requirements from the
3254
+ # provided source files.
3255
+ #
3256
+ # @option params [required, String] :pack_id
3257
+ # The unique identifier of the security requirement pack to import
3258
+ # requirements into.
3259
+ #
3260
+ # @option params [required, Types::ImportSource] :input
3261
+ # The import source containing the documents to extract security
3262
+ # requirements from.
3263
+ #
3264
+ # @return [Types::ImportSecurityRequirementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3265
+ #
3266
+ # * {Types::ImportSecurityRequirementsOutput#pack_id #pack_id} => String
3267
+ # * {Types::ImportSecurityRequirementsOutput#import_status #import_status} => String
3268
+ #
3269
+ # @example Request syntax with placeholder values
3270
+ #
3271
+ # resp = client.import_security_requirements({
3272
+ # pack_id: "SecurityRequirementPackId", # required
3273
+ # input: { # required
3274
+ # documents: [
3275
+ # {
3276
+ # name: "SecurityRequirementArtifactName", # required
3277
+ # format: "MD", # required, accepts MD, PDF, TXT, DOCX, DOC
3278
+ # content: "data", # required
3279
+ # },
3280
+ # ],
3281
+ # },
3282
+ # })
3283
+ #
3284
+ # @example Response structure
3285
+ #
3286
+ # resp.pack_id #=> String
3287
+ # resp.import_status #=> String, one of "PENDING", "IN_PROGRESS", "FAILED", "COMPLETED"
3288
+ #
3289
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ImportSecurityRequirements AWS API Documentation
3290
+ #
3291
+ # @overload import_security_requirements(params = {})
3292
+ # @param [Hash] params ({})
3293
+ def import_security_requirements(params = {}, options = {})
3294
+ req = build_request(:import_security_requirements, params)
3295
+ req.send_request(options)
3296
+ end
3297
+
2112
3298
  # Initiates the OAuth registration flow with a third-party provider.
2113
3299
  # Returns a redirect URL and CSRF state token for completing the
2114
3300
  # authorization.
@@ -2125,7 +3311,7 @@ module Aws::SecurityAgent
2125
3311
  # @example Request syntax with placeholder values
2126
3312
  #
2127
3313
  # resp = client.initiate_provider_registration({
2128
- # provider: "GITHUB", # required, accepts GITHUB
3314
+ # provider: "GITHUB", # required, accepts GITHUB, GITLAB, BITBUCKET, CONFLUENCE
2129
3315
  # })
2130
3316
  #
2131
3317
  # @example Response structure
@@ -2312,7 +3498,7 @@ module Aws::SecurityAgent
2312
3498
  # agent_space_id: "String", # required
2313
3499
  # max_results: 1,
2314
3500
  # code_review_job_id: "String",
2315
- # step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
3501
+ # step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING, VALIDATION
2316
3502
  # category_name: "String",
2317
3503
  # next_token: "NextToken",
2318
3504
  # })
@@ -2575,6 +3761,7 @@ module Aws::SecurityAgent
2575
3761
  # resp.findings_summaries[0].risk_type #=> String
2576
3762
  # resp.findings_summaries[0].risk_level #=> String, one of "UNKNOWN", "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
2577
3763
  # resp.findings_summaries[0].confidence #=> String, one of "FALSE_POSITIVE", "UNCONFIRMED", "LOW", "MEDIUM", "HIGH"
3764
+ # resp.findings_summaries[0].validation_status #=> String, one of "CONFIRMED", "NOT_REPRODUCED", "VALIDATION_FAILED", "VALIDATING", "NOT_VALIDATED"
2578
3765
  # resp.findings_summaries[0].created_at #=> Time
2579
3766
  # resp.findings_summaries[0].updated_at #=> Time
2580
3767
  # resp.next_token #=> String
@@ -2622,7 +3809,7 @@ module Aws::SecurityAgent
2622
3809
  # resp = client.list_integrated_resources({
2623
3810
  # agent_space_id: "AgentSpaceId", # required
2624
3811
  # integration_id: "IntegrationId",
2625
- # resource_type: "CODE_REPOSITORY", # accepts CODE_REPOSITORY
3812
+ # resource_type: "CODE_REPOSITORY", # accepts CODE_REPOSITORY, DOCUMENT
2626
3813
  # next_token: "NextToken",
2627
3814
  # max_results: 1,
2628
3815
  # })
@@ -2635,8 +3822,29 @@ module Aws::SecurityAgent
2635
3822
  # resp.integrated_resource_summaries[0].resource.github_repository.provider_resource_id #=> String
2636
3823
  # resp.integrated_resource_summaries[0].resource.github_repository.owner #=> String
2637
3824
  # resp.integrated_resource_summaries[0].resource.github_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
3825
+ # resp.integrated_resource_summaries[0].resource.gitlab_repository.name #=> String
3826
+ # resp.integrated_resource_summaries[0].resource.gitlab_repository.provider_resource_id #=> String
3827
+ # resp.integrated_resource_summaries[0].resource.gitlab_repository.namespace #=> String
3828
+ # resp.integrated_resource_summaries[0].resource.gitlab_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
3829
+ # resp.integrated_resource_summaries[0].resource.bitbucket_repository.name #=> String
3830
+ # resp.integrated_resource_summaries[0].resource.bitbucket_repository.provider_resource_id #=> String
3831
+ # resp.integrated_resource_summaries[0].resource.bitbucket_repository.workspace #=> String
3832
+ # resp.integrated_resource_summaries[0].resource.bitbucket_repository.access_type #=> String, one of "PRIVATE", "PUBLIC"
3833
+ # resp.integrated_resource_summaries[0].resource.confluence_document.name #=> String
3834
+ # resp.integrated_resource_summaries[0].resource.confluence_document.provider_resource_id #=> String
3835
+ # resp.integrated_resource_summaries[0].resource.confluence_document.space_key #=> String
3836
+ # resp.integrated_resource_summaries[0].resource.confluence_document.page_id #=> String
3837
+ # resp.integrated_resource_summaries[0].resource.confluence_document.title #=> String
3838
+ # resp.integrated_resource_summaries[0].resource.confluence_document.space_title #=> String
2638
3839
  # resp.integrated_resource_summaries[0].capabilities.github.leave_comments #=> Boolean
2639
3840
  # resp.integrated_resource_summaries[0].capabilities.github.remediate_code #=> Boolean
3841
+ # resp.integrated_resource_summaries[0].capabilities.gitlab.leave_comments #=> Boolean
3842
+ # resp.integrated_resource_summaries[0].capabilities.gitlab.remediate_code #=> Boolean
3843
+ # resp.integrated_resource_summaries[0].capabilities.bitbucket.leave_comments #=> Boolean
3844
+ # resp.integrated_resource_summaries[0].capabilities.bitbucket.remediate_code #=> Boolean
3845
+ # resp.integrated_resource_summaries[0].capabilities.confluence.fetch_document #=> Boolean
3846
+ # resp.integrated_resource_summaries[0].capabilities.confluence.create_document #=> Boolean
3847
+ # resp.integrated_resource_summaries[0].capabilities.confluence.update_document #=> Boolean
2640
3848
  # resp.next_token #=> String
2641
3849
  #
2642
3850
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListIntegratedResources AWS API Documentation
@@ -2674,7 +3882,7 @@ module Aws::SecurityAgent
2674
3882
  #
2675
3883
  # resp = client.list_integrations({
2676
3884
  # filter: {
2677
- # provider: "GITHUB", # accepts GITHUB
3885
+ # provider: "GITHUB", # accepts GITHUB, GITLAB, BITBUCKET, CONFLUENCE
2678
3886
  # provider_type: "SOURCE_CODE", # accepts SOURCE_CODE, DOCUMENTATION
2679
3887
  # },
2680
3888
  # next_token: "NextToken",
@@ -2686,9 +3894,11 @@ module Aws::SecurityAgent
2686
3894
  # resp.integration_summaries #=> Array
2687
3895
  # resp.integration_summaries[0].integration_id #=> String
2688
3896
  # resp.integration_summaries[0].installation_id #=> String
2689
- # resp.integration_summaries[0].provider #=> String, one of "GITHUB"
3897
+ # resp.integration_summaries[0].provider #=> String, one of "GITHUB", "GITLAB", "BITBUCKET", "CONFLUENCE"
2690
3898
  # resp.integration_summaries[0].provider_type #=> String, one of "SOURCE_CODE", "DOCUMENTATION"
2691
3899
  # resp.integration_summaries[0].display_name #=> String
3900
+ # resp.integration_summaries[0].target_url #=> String
3901
+ # resp.integration_summaries[0].private_connection_name #=> String
2692
3902
  # resp.next_token #=> String
2693
3903
  #
2694
3904
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListIntegrations AWS API Documentation
@@ -2778,7 +3988,7 @@ module Aws::SecurityAgent
2778
3988
  #
2779
3989
  # @option params [String] :step_name
2780
3990
  # Filter tasks by step name. Valid values include PREFLIGHT,
2781
- # STATIC\_ANALYSIS, PENTEST, and FINALIZING.
3991
+ # STATIC\_ANALYSIS, PENTEST, VALIDATION, and FINALIZING.
2782
3992
  #
2783
3993
  # @option params [String] :category_name
2784
3994
  # Filter tasks by category name.
@@ -2802,7 +4012,7 @@ module Aws::SecurityAgent
2802
4012
  # agent_space_id: "String", # required
2803
4013
  # max_results: 1,
2804
4014
  # pentest_job_id: "String",
2805
- # step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING
4015
+ # step_name: "PREFLIGHT", # accepts PREFLIGHT, STATIC_ANALYSIS, PENTEST, FINALIZING, VALIDATION
2806
4016
  # category_name: "String",
2807
4017
  # next_token: "NextToken",
2808
4018
  # })
@@ -2933,19 +4143,167 @@ module Aws::SecurityAgent
2933
4143
  req.send_request(options)
2934
4144
  end
2935
4145
 
2936
- # Returns the tags associated with the specified resource.
4146
+ # Lists the private connections in your account.
2937
4147
  #
2938
- # @option params [required, String] :resource_arn
2939
- # The Amazon Resource Name (ARN) of the resource to list tags for.
4148
+ # @option params [Integer] :max_results
4149
+ # The maximum number of private connections to return in a single
4150
+ # response.
2940
4151
  #
2941
- # @return [Types::ListTagsForResourceOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4152
+ # @option params [String] :next_token
4153
+ # The token for the next page of results.
2942
4154
  #
2943
- # * {Types::ListTagsForResourceOutput#tags #tags} => Hash&lt;String,String&gt;
4155
+ # @return [Types::ListPrivateConnectionsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4156
+ #
4157
+ # * {Types::ListPrivateConnectionsOutput#private_connections #private_connections} => Array&lt;Types::PrivateConnectionSummary&gt;
4158
+ # * {Types::ListPrivateConnectionsOutput#next_token #next_token} => String
4159
+ #
4160
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2944
4161
  #
2945
4162
  # @example Request syntax with placeholder values
2946
4163
  #
2947
- # resp = client.list_tags_for_resource({
2948
- # resource_arn: "ResourceArn", # required
4164
+ # resp = client.list_private_connections({
4165
+ # max_results: 1,
4166
+ # next_token: "NextToken",
4167
+ # })
4168
+ #
4169
+ # @example Response structure
4170
+ #
4171
+ # resp.private_connections #=> Array
4172
+ # resp.private_connections[0].name #=> String
4173
+ # resp.private_connections[0].type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
4174
+ # resp.private_connections[0].status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
4175
+ # resp.private_connections[0].resource_gateway_id #=> String
4176
+ # resp.private_connections[0].host_address #=> String
4177
+ # resp.private_connections[0].vpc_id #=> String
4178
+ # resp.private_connections[0].resource_configuration_id #=> String
4179
+ # resp.private_connections[0].certificate_expiry_time #=> Time
4180
+ # resp.private_connections[0].dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
4181
+ # resp.private_connections[0].failure_message #=> String
4182
+ # resp.private_connections[0].tags #=> Hash
4183
+ # resp.private_connections[0].tags["TagKey"] #=> String
4184
+ # resp.next_token #=> String
4185
+ #
4186
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListPrivateConnections AWS API Documentation
4187
+ #
4188
+ # @overload list_private_connections(params = {})
4189
+ # @param [Hash] params ({})
4190
+ def list_private_connections(params = {}, options = {})
4191
+ req = build_request(:list_private_connections, params)
4192
+ req.send_request(options)
4193
+ end
4194
+
4195
+ # Lists all security requirement packs in the caller's account.
4196
+ #
4197
+ # @option params [Types::ListSecurityRequirementPackFilter] :filter
4198
+ # The filter criteria for listing security requirement packs.
4199
+ #
4200
+ # @option params [String] :next_token
4201
+ # The pagination token from a previous request to retrieve the next page
4202
+ # of results.
4203
+ #
4204
+ # @option params [Integer] :max_results
4205
+ # The maximum number of results to return in a single request.
4206
+ #
4207
+ # @return [Types::ListSecurityRequirementPacksOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4208
+ #
4209
+ # * {Types::ListSecurityRequirementPacksOutput#security_requirement_pack_summaries #security_requirement_pack_summaries} => Array&lt;Types::SecurityRequirementPackSummary&gt;
4210
+ # * {Types::ListSecurityRequirementPacksOutput#next_token #next_token} => String
4211
+ #
4212
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4213
+ #
4214
+ # @example Request syntax with placeholder values
4215
+ #
4216
+ # resp = client.list_security_requirement_packs({
4217
+ # filter: {
4218
+ # management_type: "AWS_MANAGED", # accepts AWS_MANAGED, CUSTOMER_MANAGED
4219
+ # status: "ENABLED", # accepts ENABLED, DISABLED
4220
+ # },
4221
+ # next_token: "NextToken",
4222
+ # max_results: 1,
4223
+ # })
4224
+ #
4225
+ # @example Response structure
4226
+ #
4227
+ # resp.security_requirement_pack_summaries #=> Array
4228
+ # resp.security_requirement_pack_summaries[0].pack_id #=> String
4229
+ # resp.security_requirement_pack_summaries[0].name #=> String
4230
+ # resp.security_requirement_pack_summaries[0].description #=> String
4231
+ # resp.security_requirement_pack_summaries[0].vendor_name #=> String
4232
+ # resp.security_requirement_pack_summaries[0].management_type #=> String, one of "AWS_MANAGED", "CUSTOMER_MANAGED"
4233
+ # resp.security_requirement_pack_summaries[0].status #=> String, one of "ENABLED", "DISABLED"
4234
+ # resp.security_requirement_pack_summaries[0].created_at #=> Time
4235
+ # resp.security_requirement_pack_summaries[0].updated_at #=> Time
4236
+ # resp.next_token #=> String
4237
+ #
4238
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListSecurityRequirementPacks AWS API Documentation
4239
+ #
4240
+ # @overload list_security_requirement_packs(params = {})
4241
+ # @param [Hash] params ({})
4242
+ def list_security_requirement_packs(params = {}, options = {})
4243
+ req = build_request(:list_security_requirement_packs, params)
4244
+ req.send_request(options)
4245
+ end
4246
+
4247
+ # Lists security requirements within a pack.
4248
+ #
4249
+ # @option params [required, String] :pack_id
4250
+ # The unique identifier of the security requirement pack to list
4251
+ # requirements for.
4252
+ #
4253
+ # @option params [String] :next_token
4254
+ # The pagination token from a previous request to retrieve the next page
4255
+ # of results.
4256
+ #
4257
+ # @option params [Integer] :max_results
4258
+ # The maximum number of results to return in a single request.
4259
+ #
4260
+ # @return [Types::ListSecurityRequirementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4261
+ #
4262
+ # * {Types::ListSecurityRequirementsOutput#security_requirement_summaries #security_requirement_summaries} => Array&lt;Types::SecurityRequirementSummary&gt;
4263
+ # * {Types::ListSecurityRequirementsOutput#next_token #next_token} => String
4264
+ #
4265
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4266
+ #
4267
+ # @example Request syntax with placeholder values
4268
+ #
4269
+ # resp = client.list_security_requirements({
4270
+ # pack_id: "SecurityRequirementPackId", # required
4271
+ # next_token: "NextToken",
4272
+ # max_results: 1,
4273
+ # })
4274
+ #
4275
+ # @example Response structure
4276
+ #
4277
+ # resp.security_requirement_summaries #=> Array
4278
+ # resp.security_requirement_summaries[0].pack_id #=> String
4279
+ # resp.security_requirement_summaries[0].name #=> String
4280
+ # resp.security_requirement_summaries[0].description #=> String
4281
+ # resp.security_requirement_summaries[0].created_at #=> Time
4282
+ # resp.security_requirement_summaries[0].updated_at #=> Time
4283
+ # resp.next_token #=> String
4284
+ #
4285
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListSecurityRequirements AWS API Documentation
4286
+ #
4287
+ # @overload list_security_requirements(params = {})
4288
+ # @param [Hash] params ({})
4289
+ def list_security_requirements(params = {}, options = {})
4290
+ req = build_request(:list_security_requirements, params)
4291
+ req.send_request(options)
4292
+ end
4293
+
4294
+ # Returns the tags associated with the specified resource.
4295
+ #
4296
+ # @option params [required, String] :resource_arn
4297
+ # The Amazon Resource Name (ARN) of the resource to list tags for.
4298
+ #
4299
+ # @return [Types::ListTagsForResourceOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4300
+ #
4301
+ # * {Types::ListTagsForResourceOutput#tags #tags} => Hash&lt;String,String&gt;
4302
+ #
4303
+ # @example Request syntax with placeholder values
4304
+ #
4305
+ # resp = client.list_tags_for_resource({
4306
+ # resource_arn: "ResourceArn", # required
2949
4307
  # })
2950
4308
  #
2951
4309
  # @example Response structure
@@ -3004,6 +4362,217 @@ module Aws::SecurityAgent
3004
4362
  req.send_request(options)
3005
4363
  end
3006
4364
 
4365
+ # Returns a paginated list of task summaries for the specified threat
4366
+ # model job.
4367
+ #
4368
+ # @option params [required, String] :agent_space_id
4369
+ # The unique identifier of the agent space.
4370
+ #
4371
+ # @option params [Integer] :max_results
4372
+ # The maximum number of results to return in a single call.
4373
+ #
4374
+ # @option params [required, String] :threat_model_job_id
4375
+ # The unique identifier of the threat model job to list tasks for.
4376
+ #
4377
+ # @option params [String] :next_token
4378
+ # A token to use for paginating results that are returned in the
4379
+ # response.
4380
+ #
4381
+ # @return [Types::ListThreatModelJobTasksOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4382
+ #
4383
+ # * {Types::ListThreatModelJobTasksOutput#threat_model_job_task_summaries #threat_model_job_task_summaries} => Array&lt;Types::ThreatModelJobTaskSummary&gt;
4384
+ # * {Types::ListThreatModelJobTasksOutput#next_token #next_token} => String
4385
+ #
4386
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4387
+ #
4388
+ # @example Request syntax with placeholder values
4389
+ #
4390
+ # resp = client.list_threat_model_job_tasks({
4391
+ # agent_space_id: "String", # required
4392
+ # max_results: 1,
4393
+ # threat_model_job_id: "String", # required
4394
+ # next_token: "NextToken",
4395
+ # })
4396
+ #
4397
+ # @example Response structure
4398
+ #
4399
+ # resp.threat_model_job_task_summaries #=> Array
4400
+ # resp.threat_model_job_task_summaries[0].task_id #=> String
4401
+ # resp.threat_model_job_task_summaries[0].threat_model_id #=> String
4402
+ # resp.threat_model_job_task_summaries[0].threat_model_job_id #=> String
4403
+ # resp.threat_model_job_task_summaries[0].agent_space_id #=> String
4404
+ # resp.threat_model_job_task_summaries[0].title #=> String
4405
+ # resp.threat_model_job_task_summaries[0].execution_status #=> String, one of "IN_PROGRESS", "ABORTED", "COMPLETED", "INTERNAL_ERROR", "FAILED"
4406
+ # resp.threat_model_job_task_summaries[0].created_at #=> Time
4407
+ # resp.threat_model_job_task_summaries[0].updated_at #=> Time
4408
+ # resp.next_token #=> String
4409
+ #
4410
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListThreatModelJobTasks AWS API Documentation
4411
+ #
4412
+ # @overload list_threat_model_job_tasks(params = {})
4413
+ # @param [Hash] params ({})
4414
+ def list_threat_model_job_tasks(params = {}, options = {})
4415
+ req = build_request(:list_threat_model_job_tasks, params)
4416
+ req.send_request(options)
4417
+ end
4418
+
4419
+ # Returns a paginated list of threat model job summaries for the
4420
+ # specified threat model.
4421
+ #
4422
+ # @option params [Integer] :max_results
4423
+ # The maximum number of results to return in a single call.
4424
+ #
4425
+ # @option params [required, String] :threat_model_id
4426
+ # The unique identifier of the threat model to list jobs for.
4427
+ #
4428
+ # @option params [required, String] :agent_space_id
4429
+ # The unique identifier of the agent space.
4430
+ #
4431
+ # @option params [String] :next_token
4432
+ # A token to use for paginating results that are returned in the
4433
+ # response.
4434
+ #
4435
+ # @return [Types::ListThreatModelJobsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4436
+ #
4437
+ # * {Types::ListThreatModelJobsOutput#threat_model_job_summaries #threat_model_job_summaries} => Array&lt;Types::ThreatModelJobSummary&gt;
4438
+ # * {Types::ListThreatModelJobsOutput#next_token #next_token} => String
4439
+ #
4440
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4441
+ #
4442
+ # @example Request syntax with placeholder values
4443
+ #
4444
+ # resp = client.list_threat_model_jobs({
4445
+ # max_results: 1,
4446
+ # threat_model_id: "String", # required
4447
+ # agent_space_id: "String", # required
4448
+ # next_token: "NextToken",
4449
+ # })
4450
+ #
4451
+ # @example Response structure
4452
+ #
4453
+ # resp.threat_model_job_summaries #=> Array
4454
+ # resp.threat_model_job_summaries[0].threat_model_job_id #=> String
4455
+ # resp.threat_model_job_summaries[0].threat_model_id #=> String
4456
+ # resp.threat_model_job_summaries[0].agent_space_id #=> String
4457
+ # resp.threat_model_job_summaries[0].title #=> String
4458
+ # resp.threat_model_job_summaries[0].status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
4459
+ # resp.threat_model_job_summaries[0].created_at #=> Time
4460
+ # resp.threat_model_job_summaries[0].updated_at #=> Time
4461
+ # resp.next_token #=> String
4462
+ #
4463
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListThreatModelJobs AWS API Documentation
4464
+ #
4465
+ # @overload list_threat_model_jobs(params = {})
4466
+ # @param [Hash] params ({})
4467
+ def list_threat_model_jobs(params = {}, options = {})
4468
+ req = build_request(:list_threat_model_jobs, params)
4469
+ req.send_request(options)
4470
+ end
4471
+
4472
+ # Returns a paginated list of threat model summaries for the specified
4473
+ # agent space.
4474
+ #
4475
+ # @option params [Integer] :max_results
4476
+ # The maximum number of results to return in a single call.
4477
+ #
4478
+ # @option params [String] :next_token
4479
+ # A token to use for paginating results that are returned in the
4480
+ # response.
4481
+ #
4482
+ # @option params [required, String] :agent_space_id
4483
+ # The unique identifier of the agent space to list threat models for.
4484
+ #
4485
+ # @return [Types::ListThreatModelsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4486
+ #
4487
+ # * {Types::ListThreatModelsOutput#threat_model_summaries #threat_model_summaries} => Array&lt;Types::ThreatModelSummary&gt;
4488
+ # * {Types::ListThreatModelsOutput#next_token #next_token} => String
4489
+ #
4490
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4491
+ #
4492
+ # @example Request syntax with placeholder values
4493
+ #
4494
+ # resp = client.list_threat_models({
4495
+ # max_results: 1,
4496
+ # next_token: "NextToken",
4497
+ # agent_space_id: "String", # required
4498
+ # })
4499
+ #
4500
+ # @example Response structure
4501
+ #
4502
+ # resp.threat_model_summaries #=> Array
4503
+ # resp.threat_model_summaries[0].threat_model_id #=> String
4504
+ # resp.threat_model_summaries[0].agent_space_id #=> String
4505
+ # resp.threat_model_summaries[0].title #=> String
4506
+ # resp.threat_model_summaries[0].created_at #=> Time
4507
+ # resp.threat_model_summaries[0].updated_at #=> Time
4508
+ # resp.next_token #=> String
4509
+ #
4510
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListThreatModels AWS API Documentation
4511
+ #
4512
+ # @overload list_threat_models(params = {})
4513
+ # @param [Hash] params ({})
4514
+ def list_threat_models(params = {}, options = {})
4515
+ req = build_request(:list_threat_models, params)
4516
+ req.send_request(options)
4517
+ end
4518
+
4519
+ # Returns a paginated list of threats for a threat model job.
4520
+ #
4521
+ # @option params [required, String] :threat_job_id
4522
+ # The unique identifier of the threat model job to list threats for.
4523
+ #
4524
+ # @option params [required, String] :agent_space_id
4525
+ # The unique identifier of the agent space.
4526
+ #
4527
+ # @option params [String] :next_token
4528
+ # A token to use for paginating results that are returned in the
4529
+ # response.
4530
+ #
4531
+ # @option params [Integer] :max_results
4532
+ # The maximum number of results to return in a single call.
4533
+ #
4534
+ # @return [Types::ListThreatsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4535
+ #
4536
+ # * {Types::ListThreatsOutput#threats #threats} => Array&lt;Types::ThreatSummary&gt;
4537
+ # * {Types::ListThreatsOutput#next_token #next_token} => String
4538
+ #
4539
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4540
+ #
4541
+ # @example Request syntax with placeholder values
4542
+ #
4543
+ # resp = client.list_threats({
4544
+ # threat_job_id: "String", # required
4545
+ # agent_space_id: "String", # required
4546
+ # next_token: "NextToken",
4547
+ # max_results: 1,
4548
+ # })
4549
+ #
4550
+ # @example Response structure
4551
+ #
4552
+ # resp.threats #=> Array
4553
+ # resp.threats[0].threat_id #=> String
4554
+ # resp.threats[0].threat_job_id #=> String
4555
+ # resp.threats[0].title #=> String
4556
+ # resp.threats[0].statement #=> String
4557
+ # resp.threats[0].severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
4558
+ # resp.threats[0].status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
4559
+ # resp.threats[0].stride #=> Array
4560
+ # resp.threats[0].stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
4561
+ # resp.threats[0].created_by #=> String, one of "CUSTOMER", "AGENT"
4562
+ # resp.threats[0].updated_by #=> String, one of "CUSTOMER", "AGENT"
4563
+ # resp.threats[0].created_at #=> Time
4564
+ # resp.threats[0].updated_at #=> Time
4565
+ # resp.next_token #=> String
4566
+ #
4567
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/ListThreats AWS API Documentation
4568
+ #
4569
+ # @overload list_threats(params = {})
4570
+ # @param [Hash] params ({})
4571
+ def list_threats(params = {}, options = {})
4572
+ req = build_request(:list_threats, params)
4573
+ req.send_request(options)
4574
+ end
4575
+
3007
4576
  # Initiates code remediation for one or more security findings. This
3008
4577
  # creates pull requests in integrated repositories to fix the identified
3009
4578
  # vulnerabilities.
@@ -3052,6 +4621,10 @@ module Aws::SecurityAgent
3052
4621
  # @option params [required, String] :code_review_id
3053
4622
  # The unique identifier of the code review to start a job for.
3054
4623
  #
4624
+ # @option params [Types::DiffSource] :diff_source
4625
+ # Source of the diff for a differential scan. When present, the job
4626
+ # analyzes only the changed lines instead of performing a full scan.
4627
+ #
3055
4628
  # @return [Types::StartCodeReviewJobOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3056
4629
  #
3057
4630
  # * {Types::StartCodeReviewJobOutput#title #title} => String
@@ -3067,6 +4640,9 @@ module Aws::SecurityAgent
3067
4640
  # resp = client.start_code_review_job({
3068
4641
  # agent_space_id: "String", # required
3069
4642
  # code_review_id: "String", # required
4643
+ # diff_source: {
4644
+ # s3_uri: "String",
4645
+ # },
3070
4646
  # })
3071
4647
  #
3072
4648
  # @example Response structure
@@ -3133,6 +4709,50 @@ module Aws::SecurityAgent
3133
4709
  req.send_request(options)
3134
4710
  end
3135
4711
 
4712
+ # Starts a new threat model job for a threat model configuration.
4713
+ #
4714
+ # @option params [required, String] :agent_space_id
4715
+ # The unique identifier of the agent space.
4716
+ #
4717
+ # @option params [required, String] :threat_model_id
4718
+ # The unique identifier of the threat model to start a job for.
4719
+ #
4720
+ # @return [Types::StartThreatModelJobOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4721
+ #
4722
+ # * {Types::StartThreatModelJobOutput#title #title} => String
4723
+ # * {Types::StartThreatModelJobOutput#status #status} => String
4724
+ # * {Types::StartThreatModelJobOutput#created_at #created_at} => Time
4725
+ # * {Types::StartThreatModelJobOutput#updated_at #updated_at} => Time
4726
+ # * {Types::StartThreatModelJobOutput#threat_model_id #threat_model_id} => String
4727
+ # * {Types::StartThreatModelJobOutput#threat_model_job_id #threat_model_job_id} => String
4728
+ # * {Types::StartThreatModelJobOutput#agent_space_id #agent_space_id} => String
4729
+ #
4730
+ # @example Request syntax with placeholder values
4731
+ #
4732
+ # resp = client.start_threat_model_job({
4733
+ # agent_space_id: "String", # required
4734
+ # threat_model_id: "String", # required
4735
+ # })
4736
+ #
4737
+ # @example Response structure
4738
+ #
4739
+ # resp.title #=> String
4740
+ # resp.status #=> String, one of "IN_PROGRESS", "STOPPING", "STOPPED", "FAILED", "COMPLETED"
4741
+ # resp.created_at #=> Time
4742
+ # resp.updated_at #=> Time
4743
+ # resp.threat_model_id #=> String
4744
+ # resp.threat_model_job_id #=> String
4745
+ # resp.agent_space_id #=> String
4746
+ #
4747
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/StartThreatModelJob AWS API Documentation
4748
+ #
4749
+ # @overload start_threat_model_job(params = {})
4750
+ # @param [Hash] params ({})
4751
+ def start_threat_model_job(params = {}, options = {})
4752
+ req = build_request(:start_threat_model_job, params)
4753
+ req.send_request(options)
4754
+ end
4755
+
3136
4756
  # Stops a running code review job. The job transitions to a stopping
3137
4757
  # state and then to stopped after cleanup completes.
3138
4758
  #
@@ -3187,6 +4807,32 @@ module Aws::SecurityAgent
3187
4807
  req.send_request(options)
3188
4808
  end
3189
4809
 
4810
+ # Stops a running threat model job.
4811
+ #
4812
+ # @option params [required, String] :agent_space_id
4813
+ # The unique identifier of the agent space.
4814
+ #
4815
+ # @option params [required, String] :threat_model_job_id
4816
+ # The unique identifier of the threat model job to stop.
4817
+ #
4818
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
4819
+ #
4820
+ # @example Request syntax with placeholder values
4821
+ #
4822
+ # resp = client.stop_threat_model_job({
4823
+ # agent_space_id: "String", # required
4824
+ # threat_model_job_id: "String", # required
4825
+ # })
4826
+ #
4827
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/StopThreatModelJob AWS API Documentation
4828
+ #
4829
+ # @overload stop_threat_model_job(params = {})
4830
+ # @param [Hash] params ({})
4831
+ def stop_threat_model_job(params = {}, options = {})
4832
+ req = build_request(:stop_threat_model_job, params)
4833
+ req.send_request(options)
4834
+ end
4835
+
3190
4836
  # Adds tags to a resource.
3191
4837
  #
3192
4838
  # @option params [required, String] :resource_arn
@@ -3401,6 +5047,10 @@ module Aws::SecurityAgent
3401
5047
  # @option params [String] :code_remediation_strategy
3402
5048
  # The updated code remediation strategy for the code review.
3403
5049
  #
5050
+ # @option params [String] :validation_mode
5051
+ # The updated validation mode for the code review. Valid values are
5052
+ # SIMULATED and DISABLED.
5053
+ #
3404
5054
  # @return [Types::UpdateCodeReviewOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3405
5055
  #
3406
5056
  # * {Types::UpdateCodeReviewOutput#code_review_id #code_review_id} => String
@@ -3412,6 +5062,7 @@ module Aws::SecurityAgent
3412
5062
  # * {Types::UpdateCodeReviewOutput#log_config #log_config} => Types::CloudWatchLog
3413
5063
  # * {Types::UpdateCodeReviewOutput#agent_space_id #agent_space_id} => String
3414
5064
  # * {Types::UpdateCodeReviewOutput#code_remediation_strategy #code_remediation_strategy} => String
5065
+ # * {Types::UpdateCodeReviewOutput#validation_mode #validation_mode} => String
3415
5066
  #
3416
5067
  # @example Request syntax with placeholder values
3417
5068
  #
@@ -3440,6 +5091,10 @@ module Aws::SecurityAgent
3440
5091
  # {
3441
5092
  # s3_location: "String",
3442
5093
  # artifact_id: "String",
5094
+ # integrated_document: {
5095
+ # integration_id: "String", # required
5096
+ # resource_id: "String", # required
5097
+ # },
3443
5098
  # },
3444
5099
  # ],
3445
5100
  # source_code: [
@@ -3460,6 +5115,7 @@ module Aws::SecurityAgent
3460
5115
  # log_stream: "String",
3461
5116
  # },
3462
5117
  # code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
5118
+ # validation_mode: "DISABLED", # accepts DISABLED, SIMULATED
3463
5119
  # })
3464
5120
  #
3465
5121
  # @example Response structure
@@ -3480,6 +5136,8 @@ module Aws::SecurityAgent
3480
5136
  # resp.assets.documents #=> Array
3481
5137
  # resp.assets.documents[0].s3_location #=> String
3482
5138
  # resp.assets.documents[0].artifact_id #=> String
5139
+ # resp.assets.documents[0].integrated_document.integration_id #=> String
5140
+ # resp.assets.documents[0].integrated_document.resource_id #=> String
3483
5141
  # resp.assets.source_code #=> Array
3484
5142
  # resp.assets.source_code[0].s3_location #=> String
3485
5143
  # resp.assets.integrated_repositories #=> Array
@@ -3490,6 +5148,7 @@ module Aws::SecurityAgent
3490
5148
  # resp.log_config.log_stream #=> String
3491
5149
  # resp.agent_space_id #=> String
3492
5150
  # resp.code_remediation_strategy #=> String, one of "AUTOMATIC", "DISABLED"
5151
+ # resp.validation_mode #=> String, one of "DISABLED", "SIMULATED"
3493
5152
  #
3494
5153
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/UpdateCodeReview AWS API Documentation
3495
5154
  #
@@ -3508,12 +5167,33 @@ module Aws::SecurityAgent
3508
5167
  # @option params [required, String] :agent_space_id
3509
5168
  # The unique identifier of the agent space that contains the finding.
3510
5169
  #
5170
+ # @option params [String] :name
5171
+ # The updated name for the finding.
5172
+ #
5173
+ # @option params [String] :description
5174
+ # The updated description for the finding.
5175
+ #
5176
+ # @option params [String] :risk_type
5177
+ # The updated risk type for the finding.
5178
+ #
3511
5179
  # @option params [String] :risk_level
3512
5180
  # The updated risk level for the finding.
3513
5181
  #
5182
+ # @option params [String] :risk_score
5183
+ # The updated numerical risk score for the finding.
5184
+ #
5185
+ # @option params [String] :attack_script
5186
+ # The updated attack script for the finding.
5187
+ #
5188
+ # @option params [String] :reasoning
5189
+ # The updated reasoning for the finding.
5190
+ #
3514
5191
  # @option params [String] :status
3515
5192
  # The updated status for the finding.
3516
5193
  #
5194
+ # @option params [String] :customer_note
5195
+ # A customer-provided note on the finding.
5196
+ #
3517
5197
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3518
5198
  #
3519
5199
  # @example Request syntax with placeholder values
@@ -3521,8 +5201,15 @@ module Aws::SecurityAgent
3521
5201
  # resp = client.update_finding({
3522
5202
  # finding_id: "String", # required
3523
5203
  # agent_space_id: "String", # required
5204
+ # name: "String",
5205
+ # description: "String",
5206
+ # risk_type: "String",
3524
5207
  # risk_level: "UNKNOWN", # accepts UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
5208
+ # risk_score: "String",
5209
+ # attack_script: "String",
5210
+ # reasoning: "String",
3525
5211
  # status: "ACTIVE", # accepts ACTIVE, RESOLVED, ACCEPTED, FALSE_POSITIVE
5212
+ # customer_note: "String",
3526
5213
  # })
3527
5214
  #
3528
5215
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/UpdateFinding AWS API Documentation
@@ -3560,12 +5247,40 @@ module Aws::SecurityAgent
3560
5247
  # name: "ProviderResourceName", # required
3561
5248
  # owner: "GitHubOwner", # required
3562
5249
  # },
5250
+ # gitlab_repository: {
5251
+ # name: "ProviderResourceName", # required
5252
+ # namespace: "GitLabNamespace", # required
5253
+ # },
5254
+ # bitbucket_repository: {
5255
+ # name: "ProviderResourceName", # required
5256
+ # workspace: "BitbucketWorkspace", # required
5257
+ # },
5258
+ # confluence_document: {
5259
+ # name: "ProviderResourceName", # required
5260
+ # space_key: "String", # required
5261
+ # page_id: "String", # required
5262
+ # title: "String",
5263
+ # space_title: "String",
5264
+ # },
3563
5265
  # },
3564
5266
  # capabilities: {
3565
5267
  # github: {
3566
5268
  # leave_comments: false,
3567
5269
  # remediate_code: false,
3568
5270
  # },
5271
+ # gitlab: {
5272
+ # leave_comments: false,
5273
+ # remediate_code: false,
5274
+ # },
5275
+ # bitbucket: {
5276
+ # leave_comments: false,
5277
+ # remediate_code: false,
5278
+ # },
5279
+ # confluence: {
5280
+ # fetch_document: false,
5281
+ # create_document: false,
5282
+ # update_document: false,
5283
+ # },
3569
5284
  # },
3570
5285
  # },
3571
5286
  # ],
@@ -3612,6 +5327,10 @@ module Aws::SecurityAgent
3612
5327
  # @option params [String] :code_remediation_strategy
3613
5328
  # The updated code remediation strategy for the pentest.
3614
5329
  #
5330
+ # @option params [Array<String>] :disable_managed_skills
5331
+ # The updated list of managed skills to disable for this pentest. Valid
5332
+ # values include FINDING\_PERSONALIZATION and LOGIN\_OPTIMIZATION.
5333
+ #
3615
5334
  # @return [Types::UpdatePentestOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3616
5335
  #
3617
5336
  # * {Types::UpdatePentestOutput#pentest_id #pentest_id} => String
@@ -3651,6 +5370,10 @@ module Aws::SecurityAgent
3651
5370
  # {
3652
5371
  # s3_location: "String",
3653
5372
  # artifact_id: "String",
5373
+ # integrated_document: {
5374
+ # integration_id: "String", # required
5375
+ # resource_id: "String", # required
5376
+ # },
3654
5377
  # },
3655
5378
  # ],
3656
5379
  # source_code: [
@@ -3692,6 +5415,7 @@ module Aws::SecurityAgent
3692
5415
  # ],
3693
5416
  # },
3694
5417
  # code_remediation_strategy: "AUTOMATIC", # accepts AUTOMATIC, DISABLED
5418
+ # disable_managed_skills: ["FINDING_PERSONALIZATION"], # accepts FINDING_PERSONALIZATION, LOGIN_OPTIMIZATION
3695
5419
  # })
3696
5420
  #
3697
5421
  # @example Response structure
@@ -3712,6 +5436,8 @@ module Aws::SecurityAgent
3712
5436
  # resp.assets.documents #=> Array
3713
5437
  # resp.assets.documents[0].s3_location #=> String
3714
5438
  # resp.assets.documents[0].artifact_id #=> String
5439
+ # resp.assets.documents[0].integrated_document.integration_id #=> String
5440
+ # resp.assets.documents[0].integrated_document.resource_id #=> String
3715
5441
  # resp.assets.source_code #=> Array
3716
5442
  # resp.assets.source_code[0].s3_location #=> String
3717
5443
  # resp.assets.integrated_repositories #=> Array
@@ -3733,6 +5459,108 @@ module Aws::SecurityAgent
3733
5459
  req.send_request(options)
3734
5460
  end
3735
5461
 
5462
+ # Updates the certificate associated with a private connection.
5463
+ # Certificates can be added or replaced but not removed.
5464
+ #
5465
+ # @option params [required, String] :private_connection_name
5466
+ # The name of the private connection to update.
5467
+ #
5468
+ # @option params [required, String] :certificate
5469
+ # The PEM-encoded certificate chain for the private connection.
5470
+ #
5471
+ # @return [Types::UpdatePrivateConnectionCertificateOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5472
+ #
5473
+ # * {Types::UpdatePrivateConnectionCertificateOutput#name #name} => String
5474
+ # * {Types::UpdatePrivateConnectionCertificateOutput#type #type} => String
5475
+ # * {Types::UpdatePrivateConnectionCertificateOutput#status #status} => String
5476
+ # * {Types::UpdatePrivateConnectionCertificateOutput#resource_gateway_id #resource_gateway_id} => String
5477
+ # * {Types::UpdatePrivateConnectionCertificateOutput#host_address #host_address} => String
5478
+ # * {Types::UpdatePrivateConnectionCertificateOutput#vpc_id #vpc_id} => String
5479
+ # * {Types::UpdatePrivateConnectionCertificateOutput#resource_configuration_id #resource_configuration_id} => String
5480
+ # * {Types::UpdatePrivateConnectionCertificateOutput#certificate_expiry_time #certificate_expiry_time} => Time
5481
+ # * {Types::UpdatePrivateConnectionCertificateOutput#dns_resolution #dns_resolution} => String
5482
+ # * {Types::UpdatePrivateConnectionCertificateOutput#failure_message #failure_message} => String
5483
+ # * {Types::UpdatePrivateConnectionCertificateOutput#tags #tags} => Hash&lt;String,String&gt;
5484
+ #
5485
+ # @example Request syntax with placeholder values
5486
+ #
5487
+ # resp = client.update_private_connection_certificate({
5488
+ # private_connection_name: "PrivateConnectionName", # required
5489
+ # certificate: "CertificateChain", # required
5490
+ # })
5491
+ #
5492
+ # @example Response structure
5493
+ #
5494
+ # resp.name #=> String
5495
+ # resp.type #=> String, one of "SERVICE_MANAGED", "SELF_MANAGED"
5496
+ # resp.status #=> String, one of "ACTIVE", "CREATE_IN_PROGRESS", "CREATE_FAILED", "DELETE_IN_PROGRESS", "DELETE_FAILED"
5497
+ # resp.resource_gateway_id #=> String
5498
+ # resp.host_address #=> String
5499
+ # resp.vpc_id #=> String
5500
+ # resp.resource_configuration_id #=> String
5501
+ # resp.certificate_expiry_time #=> Time
5502
+ # resp.dns_resolution #=> String, one of "PUBLIC", "IN_VPC"
5503
+ # resp.failure_message #=> String
5504
+ # resp.tags #=> Hash
5505
+ # resp.tags["TagKey"] #=> String
5506
+ #
5507
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/UpdatePrivateConnectionCertificate AWS API Documentation
5508
+ #
5509
+ # @overload update_private_connection_certificate(params = {})
5510
+ # @param [Hash] params ({})
5511
+ def update_private_connection_certificate(params = {}, options = {})
5512
+ req = build_request(:update_private_connection_certificate, params)
5513
+ req.send_request(options)
5514
+ end
5515
+
5516
+ # Updates a security requirement pack. For customer managed packs, both
5517
+ # metadata and status can be updated. For AWS managed packs, only status
5518
+ # can be updated.
5519
+ #
5520
+ # @option params [required, String] :pack_id
5521
+ # The unique identifier of the security requirement pack to update.
5522
+ #
5523
+ # @option params [String] :name
5524
+ # The updated name of the security requirement pack.
5525
+ #
5526
+ # @option params [String] :description
5527
+ # The updated description of the security requirement pack.
5528
+ #
5529
+ # @option params [String] :status
5530
+ # The updated status of the security requirement pack.
5531
+ #
5532
+ # @return [Types::UpdateSecurityRequirementPackOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5533
+ #
5534
+ # * {Types::UpdateSecurityRequirementPackOutput#pack_id #pack_id} => String
5535
+ # * {Types::UpdateSecurityRequirementPackOutput#name #name} => String
5536
+ # * {Types::UpdateSecurityRequirementPackOutput#description #description} => String
5537
+ # * {Types::UpdateSecurityRequirementPackOutput#status #status} => String
5538
+ #
5539
+ # @example Request syntax with placeholder values
5540
+ #
5541
+ # resp = client.update_security_requirement_pack({
5542
+ # pack_id: "SecurityRequirementPackId", # required
5543
+ # name: "SecurityRequirementPackName",
5544
+ # description: "String",
5545
+ # status: "ENABLED", # accepts ENABLED, DISABLED
5546
+ # })
5547
+ #
5548
+ # @example Response structure
5549
+ #
5550
+ # resp.pack_id #=> String
5551
+ # resp.name #=> String
5552
+ # resp.description #=> String
5553
+ # resp.status #=> String, one of "ENABLED", "DISABLED"
5554
+ #
5555
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/UpdateSecurityRequirementPack AWS API Documentation
5556
+ #
5557
+ # @overload update_security_requirement_pack(params = {})
5558
+ # @param [Hash] params ({})
5559
+ def update_security_requirement_pack(params = {}, options = {})
5560
+ req = build_request(:update_security_requirement_pack, params)
5561
+ req.send_request(options)
5562
+ end
5563
+
3736
5564
  # Updates the verification method for a target domain.
3737
5565
  #
3738
5566
  # @option params [required, String] :target_domain_id
@@ -3782,6 +5610,300 @@ module Aws::SecurityAgent
3782
5610
  req.send_request(options)
3783
5611
  end
3784
5612
 
5613
+ # Updates a threat.
5614
+ #
5615
+ # @option params [required, String] :threat_id
5616
+ # The unique identifier of the threat to update.
5617
+ #
5618
+ # @option params [required, String] :agent_space_id
5619
+ # The unique identifier of the agent space.
5620
+ #
5621
+ # @option params [String] :title
5622
+ # A short title summarizing the threat.
5623
+ #
5624
+ # @option params [String] :status
5625
+ # The updated status of the threat.
5626
+ #
5627
+ # @option params [String] :comments
5628
+ # Optional customer comment.
5629
+ #
5630
+ # @option params [String] :statement
5631
+ # The updated natural-language threat statement.
5632
+ #
5633
+ # @option params [String] :severity
5634
+ # The updated severity level of the threat.
5635
+ #
5636
+ # @option params [String] :threat_source
5637
+ # The updated actor or origin of the threat.
5638
+ #
5639
+ # @option params [String] :prerequisites
5640
+ # The updated conditions required for the threat to be exploitable.
5641
+ #
5642
+ # @option params [String] :threat_action
5643
+ # The updated description of what the threat source can do.
5644
+ #
5645
+ # @option params [String] :threat_impact
5646
+ # The updated direct consequence of the threat action.
5647
+ #
5648
+ # @option params [Array<String>] :impacted_goal
5649
+ # The updated security goals affected by the threat.
5650
+ #
5651
+ # @option params [Array<String>] :impacted_assets
5652
+ # The updated list of specific assets affected by the threat.
5653
+ #
5654
+ # @option params [Types::ThreatAnchorShape] :anchor
5655
+ # The updated DFD element this threat is anchored to.
5656
+ #
5657
+ # @option params [Array<Types::ThreatEvidenceShape>] :evidence
5658
+ # The updated source code files supporting the threat.
5659
+ #
5660
+ # @option params [String] :recommendation
5661
+ # The updated recommended mitigation guidance for this threat.
5662
+ #
5663
+ # @return [Types::UpdateThreatOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5664
+ #
5665
+ # * {Types::UpdateThreatOutput#threat_id #threat_id} => String
5666
+ # * {Types::UpdateThreatOutput#threat_job_id #threat_job_id} => String
5667
+ # * {Types::UpdateThreatOutput#title #title} => String
5668
+ # * {Types::UpdateThreatOutput#statement #statement} => String
5669
+ # * {Types::UpdateThreatOutput#severity #severity} => String
5670
+ # * {Types::UpdateThreatOutput#status #status} => String
5671
+ # * {Types::UpdateThreatOutput#comments #comments} => String
5672
+ # * {Types::UpdateThreatOutput#stride #stride} => Array&lt;String&gt;
5673
+ # * {Types::UpdateThreatOutput#threat_source #threat_source} => String
5674
+ # * {Types::UpdateThreatOutput#prerequisites #prerequisites} => String
5675
+ # * {Types::UpdateThreatOutput#threat_action #threat_action} => String
5676
+ # * {Types::UpdateThreatOutput#threat_impact #threat_impact} => String
5677
+ # * {Types::UpdateThreatOutput#impacted_goal #impacted_goal} => Array&lt;String&gt;
5678
+ # * {Types::UpdateThreatOutput#impacted_assets #impacted_assets} => Array&lt;String&gt;
5679
+ # * {Types::UpdateThreatOutput#anchor #anchor} => Types::ThreatAnchorShape
5680
+ # * {Types::UpdateThreatOutput#evidence #evidence} => Array&lt;Types::ThreatEvidenceShape&gt;
5681
+ # * {Types::UpdateThreatOutput#recommendation #recommendation} => String
5682
+ # * {Types::UpdateThreatOutput#created_by #created_by} => String
5683
+ # * {Types::UpdateThreatOutput#updated_by #updated_by} => String
5684
+ # * {Types::UpdateThreatOutput#created_at #created_at} => Time
5685
+ # * {Types::UpdateThreatOutput#updated_at #updated_at} => Time
5686
+ #
5687
+ # @example Request syntax with placeholder values
5688
+ #
5689
+ # resp = client.update_threat({
5690
+ # threat_id: "String", # required
5691
+ # agent_space_id: "String", # required
5692
+ # title: "String",
5693
+ # status: "OPEN", # accepts OPEN, RESOLVED, DISMISSED
5694
+ # comments: "String",
5695
+ # statement: "String",
5696
+ # severity: "CRITICAL", # accepts CRITICAL, HIGH, MEDIUM, LOW, INFO
5697
+ # threat_source: "String",
5698
+ # prerequisites: "String",
5699
+ # threat_action: "String",
5700
+ # threat_impact: "String",
5701
+ # impacted_goal: ["String"],
5702
+ # impacted_assets: ["String"],
5703
+ # anchor: {
5704
+ # kind: "String",
5705
+ # id: "String",
5706
+ # package_id: "String",
5707
+ # },
5708
+ # evidence: [
5709
+ # {
5710
+ # package_id: "String",
5711
+ # path: "String",
5712
+ # },
5713
+ # ],
5714
+ # recommendation: "String",
5715
+ # })
5716
+ #
5717
+ # @example Response structure
5718
+ #
5719
+ # resp.threat_id #=> String
5720
+ # resp.threat_job_id #=> String
5721
+ # resp.title #=> String
5722
+ # resp.statement #=> String
5723
+ # resp.severity #=> String, one of "CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO"
5724
+ # resp.status #=> String, one of "OPEN", "RESOLVED", "DISMISSED"
5725
+ # resp.comments #=> String
5726
+ # resp.stride #=> Array
5727
+ # resp.stride[0] #=> String, one of "SPOOFING", "TAMPERING", "REPUDIATION", "INFORMATION_DISCLOSURE", "DENIAL_OF_SERVICE", "ELEVATION_OF_PRIVILEGE"
5728
+ # resp.threat_source #=> String
5729
+ # resp.prerequisites #=> String
5730
+ # resp.threat_action #=> String
5731
+ # resp.threat_impact #=> String
5732
+ # resp.impacted_goal #=> Array
5733
+ # resp.impacted_goal[0] #=> String
5734
+ # resp.impacted_assets #=> Array
5735
+ # resp.impacted_assets[0] #=> String
5736
+ # resp.anchor.kind #=> String
5737
+ # resp.anchor.id #=> String
5738
+ # resp.anchor.package_id #=> String
5739
+ # resp.evidence #=> Array
5740
+ # resp.evidence[0].package_id #=> String
5741
+ # resp.evidence[0].path #=> String
5742
+ # resp.recommendation #=> String
5743
+ # resp.created_by #=> String, one of "CUSTOMER", "AGENT"
5744
+ # resp.updated_by #=> String, one of "CUSTOMER", "AGENT"
5745
+ # resp.created_at #=> Time
5746
+ # resp.updated_at #=> Time
5747
+ #
5748
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/UpdateThreat AWS API Documentation
5749
+ #
5750
+ # @overload update_threat(params = {})
5751
+ # @param [Hash] params ({})
5752
+ def update_threat(params = {}, options = {})
5753
+ req = build_request(:update_threat, params)
5754
+ req.send_request(options)
5755
+ end
5756
+
5757
+ # Updates an existing threat model configuration.
5758
+ #
5759
+ # @option params [required, String] :threat_model_id
5760
+ # The unique identifier of the threat model to update.
5761
+ #
5762
+ # @option params [required, String] :agent_space_id
5763
+ # The unique identifier of the agent space that contains the threat
5764
+ # model.
5765
+ #
5766
+ # @option params [String] :title
5767
+ # The updated title of the threat model.
5768
+ #
5769
+ # @option params [String] :description
5770
+ # The updated description of the application or system being threat
5771
+ # modeled.
5772
+ #
5773
+ # @option params [Types::Assets] :assets
5774
+ # The updated assets for the threat model.
5775
+ #
5776
+ # @option params [Array<Types::DocumentInfo>] :scope_docs
5777
+ # The updated scoped documents for the agent to focus on during threat
5778
+ # modeling.
5779
+ #
5780
+ # @option params [String] :service_role
5781
+ # The updated IAM service role for the threat model.
5782
+ #
5783
+ # @option params [Types::CloudWatchLog] :log_config
5784
+ # The updated CloudWatch Logs configuration for the threat model.
5785
+ #
5786
+ # @return [Types::UpdateThreatModelOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5787
+ #
5788
+ # * {Types::UpdateThreatModelOutput#threat_model_id #threat_model_id} => String
5789
+ # * {Types::UpdateThreatModelOutput#title #title} => String
5790
+ # * {Types::UpdateThreatModelOutput#agent_space_id #agent_space_id} => String
5791
+ # * {Types::UpdateThreatModelOutput#description #description} => String
5792
+ # * {Types::UpdateThreatModelOutput#assets #assets} => Types::Assets
5793
+ # * {Types::UpdateThreatModelOutput#scope_docs #scope_docs} => Array&lt;Types::DocumentInfo&gt;
5794
+ # * {Types::UpdateThreatModelOutput#service_role #service_role} => String
5795
+ # * {Types::UpdateThreatModelOutput#log_config #log_config} => Types::CloudWatchLog
5796
+ # * {Types::UpdateThreatModelOutput#created_at #created_at} => Time
5797
+ # * {Types::UpdateThreatModelOutput#updated_at #updated_at} => Time
5798
+ #
5799
+ # @example Request syntax with placeholder values
5800
+ #
5801
+ # resp = client.update_threat_model({
5802
+ # threat_model_id: "String", # required
5803
+ # agent_space_id: "String", # required
5804
+ # title: "String",
5805
+ # description: "String",
5806
+ # assets: {
5807
+ # endpoints: [
5808
+ # {
5809
+ # uri: "String",
5810
+ # },
5811
+ # ],
5812
+ # actors: [
5813
+ # {
5814
+ # identifier: "String",
5815
+ # uris: ["String"],
5816
+ # authentication: {
5817
+ # provider_type: "SECRETS_MANAGER", # accepts SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, AWS_INTERNAL
5818
+ # value: "String",
5819
+ # },
5820
+ # description: "String",
5821
+ # },
5822
+ # ],
5823
+ # documents: [
5824
+ # {
5825
+ # s3_location: "String",
5826
+ # artifact_id: "String",
5827
+ # integrated_document: {
5828
+ # integration_id: "String", # required
5829
+ # resource_id: "String", # required
5830
+ # },
5831
+ # },
5832
+ # ],
5833
+ # source_code: [
5834
+ # {
5835
+ # s3_location: "String",
5836
+ # },
5837
+ # ],
5838
+ # integrated_repositories: [
5839
+ # {
5840
+ # integration_id: "String", # required
5841
+ # provider_resource_id: "String", # required
5842
+ # },
5843
+ # ],
5844
+ # },
5845
+ # scope_docs: [
5846
+ # {
5847
+ # s3_location: "String",
5848
+ # artifact_id: "String",
5849
+ # integrated_document: {
5850
+ # integration_id: "String", # required
5851
+ # resource_id: "String", # required
5852
+ # },
5853
+ # },
5854
+ # ],
5855
+ # service_role: "ServiceRole",
5856
+ # log_config: {
5857
+ # log_group: "String",
5858
+ # log_stream: "String",
5859
+ # },
5860
+ # })
5861
+ #
5862
+ # @example Response structure
5863
+ #
5864
+ # resp.threat_model_id #=> String
5865
+ # resp.title #=> String
5866
+ # resp.agent_space_id #=> String
5867
+ # resp.description #=> String
5868
+ # resp.assets.endpoints #=> Array
5869
+ # resp.assets.endpoints[0].uri #=> String
5870
+ # resp.assets.actors #=> Array
5871
+ # resp.assets.actors[0].identifier #=> String
5872
+ # resp.assets.actors[0].uris #=> Array
5873
+ # resp.assets.actors[0].uris[0] #=> String
5874
+ # resp.assets.actors[0].authentication.provider_type #=> String, one of "SECRETS_MANAGER", "AWS_LAMBDA", "AWS_IAM_ROLE", "AWS_INTERNAL"
5875
+ # resp.assets.actors[0].authentication.value #=> String
5876
+ # resp.assets.actors[0].description #=> String
5877
+ # resp.assets.documents #=> Array
5878
+ # resp.assets.documents[0].s3_location #=> String
5879
+ # resp.assets.documents[0].artifact_id #=> String
5880
+ # resp.assets.documents[0].integrated_document.integration_id #=> String
5881
+ # resp.assets.documents[0].integrated_document.resource_id #=> String
5882
+ # resp.assets.source_code #=> Array
5883
+ # resp.assets.source_code[0].s3_location #=> String
5884
+ # resp.assets.integrated_repositories #=> Array
5885
+ # resp.assets.integrated_repositories[0].integration_id #=> String
5886
+ # resp.assets.integrated_repositories[0].provider_resource_id #=> String
5887
+ # resp.scope_docs #=> Array
5888
+ # resp.scope_docs[0].s3_location #=> String
5889
+ # resp.scope_docs[0].artifact_id #=> String
5890
+ # resp.scope_docs[0].integrated_document.integration_id #=> String
5891
+ # resp.scope_docs[0].integrated_document.resource_id #=> String
5892
+ # resp.service_role #=> String
5893
+ # resp.log_config.log_group #=> String
5894
+ # resp.log_config.log_stream #=> String
5895
+ # resp.created_at #=> Time
5896
+ # resp.updated_at #=> Time
5897
+ #
5898
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityagent-2025-09-06/UpdateThreatModel AWS API Documentation
5899
+ #
5900
+ # @overload update_threat_model(params = {})
5901
+ # @param [Hash] params ({})
5902
+ def update_threat_model(params = {}, options = {})
5903
+ req = build_request(:update_threat_model, params)
5904
+ req.send_request(options)
5905
+ end
5906
+
3785
5907
  # Initiates verification of a target domain. This checks whether the
3786
5908
  # domain ownership verification token has been properly configured.
3787
5909
  #
@@ -3841,7 +5963,7 @@ module Aws::SecurityAgent
3841
5963
  tracer: tracer
3842
5964
  )
3843
5965
  context[:gem_name] = 'aws-sdk-securityagent'
3844
- context[:gem_version] = '1.5.0'
5966
+ context[:gem_version] = '1.7.0'
3845
5967
  Seahorse::Client::Request.new(handlers, context)
3846
5968
  end
3847
5969