aws-cdk-lib

import * as cdk from "../../core/lib"; import * as constructs from "constructs"; import * as cfn_parse from "../../core/lib/helpers-internal"; import { AgentSpaceReference, ApplicationReference, IAgentSpaceRef, IApplicationRef, IPentestRef, ITargetDomainRef, PentestReference, TargetDomainReference } from "../../interfaces/generated/aws-securityagent-interfaces.generated"; /** * Resource Type definition for AWS::SecurityAgent::AgentSpace. * * @cloudformationResource AWS::SecurityAgent::AgentSpace * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html */ export declare class CfnAgentSpace extends cdk.CfnResource implements cdk.IInspectable, IAgentSpaceRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnAgentSpace from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnAgentSpace; /** * Checks whether the given object is a CfnAgentSpace */ static isCfnAgentSpace(x: any): x is CfnAgentSpace; /** * AWS resource configuration. */ private _awsResources?; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * Details of code review settings. */ private _codeReviewSettings?; /** * Description of the agent space. */ private _description?; /** * Integrated Resources configuration. */ private _integratedResources?; /** * Identifier of the KMS key used to encrypt data. */ private _kmsKeyId?; /** * Name of the agent space. */ private _name; /** * Tags for the agent space. */ private _tags?; /** * List of target domain identifiers registered with the agent space. */ private _targetDomainIds?; /** * Create a new `AWS::SecurityAgent::AgentSpace`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnAgentSpaceProps); get agentSpaceRef(): AgentSpaceReference; /** * AWS resource configuration. */ get awsResources(): CfnAgentSpace.AWSResourcesProperty | cdk.IResolvable | undefined; /** * AWS resource configuration. */ set awsResources(value: CfnAgentSpace.AWSResourcesProperty | cdk.IResolvable | undefined); /** * Details of code review settings. */ get codeReviewSettings(): CfnAgentSpace.CodeReviewSettingsProperty | cdk.IResolvable | undefined; /** * Details of code review settings. */ set codeReviewSettings(value: CfnAgentSpace.CodeReviewSettingsProperty | cdk.IResolvable | undefined); /** * Description of the agent space. */ get description(): string | undefined; /** * Description of the agent space. */ set description(value: string | undefined); /** * Integrated Resources configuration. */ get integratedResources(): Array<CfnAgentSpace.IntegratedResourceProperty | cdk.IResolvable> | cdk.IResolvable | undefined; /** * Integrated Resources configuration. */ set integratedResources(value: Array<CfnAgentSpace.IntegratedResourceProperty | cdk.IResolvable> | cdk.IResolvable | undefined); /** * Identifier of the KMS key used to encrypt data. */ get kmsKeyId(): string | undefined; /** * Identifier of the KMS key used to encrypt data. */ set kmsKeyId(value: string | undefined); /** * Name of the agent space. */ get name(): string; /** * Name of the agent space. */ set name(value: string); /** * Tags for the agent space. */ get tags(): Array<cdk.CfnTag> | undefined; /** * Tags for the agent space. */ set tags(value: Array<cdk.CfnTag> | undefined); /** * List of target domain identifiers registered with the agent space. */ get targetDomainIds(): Array<string> | undefined; /** * List of target domain identifiers registered with the agent space. */ set targetDomainIds(value: Array<string> | undefined); /** * Unique identifier of the agent space * * @cloudformationAttribute AgentSpaceId */ get attrAgentSpaceId(): string; /** * Timestamp when the agent space was created * * @cloudformationAttribute CreatedAt */ get attrCreatedAt(): string; /** * Timestamp when the agent space was last updated * * @cloudformationAttribute UpdatedAt */ get attrUpdatedAt(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnAgentSpace { /** * AWS resource configuration. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-awsresources.html */ interface AWSResourcesProperty { /** * IAM role ARNs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-awsresources.html#cfn-securityagent-agentspace-awsresources-iamroles */ readonly iamRoles?: Array<string>; /** * Lambda function ARNs used to retrieve tester credentials for pentests. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-awsresources.html#cfn-securityagent-agentspace-awsresources-lambdafunctionarns */ readonly lambdaFunctionArns?: Array<string>; /** * CloudWatch log group ARNs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-awsresources.html#cfn-securityagent-agentspace-awsresources-loggroups */ readonly logGroups?: Array<string>; /** * S3 bucket ARNs. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-awsresources.html#cfn-securityagent-agentspace-awsresources-s3buckets */ readonly s3Buckets?: Array<string>; /** * SecretsManager secret ARNs used to store tester credentials for pentests. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-awsresources.html#cfn-securityagent-agentspace-awsresources-secretarns */ readonly secretArns?: Array<string>; /** * VPC configurations. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-awsresources.html#cfn-securityagent-agentspace-awsresources-vpcs */ readonly vpcs?: Array<cdk.IResolvable | CfnAgentSpace.VpcConfigProperty> | cdk.IResolvable; } /** * Customer VPC configuration that the security testing environment accesses. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-vpcconfig.html */ interface VpcConfigProperty { /** * List of security group ARNs in the customer VPC. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-vpcconfig.html#cfn-securityagent-agentspace-vpcconfig-securitygrouparns */ readonly securityGroupArns?: Array<string>; /** * List of subnet ARNs in the customer VPC. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-vpcconfig.html#cfn-securityagent-agentspace-vpcconfig-subnetarns */ readonly subnetArns?: Array<string>; /** * ARN of the customer VPC. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-vpcconfig.html#cfn-securityagent-agentspace-vpcconfig-vpcarn */ readonly vpcArn?: string; } /** * Details of code review settings. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-codereviewsettings.html */ interface CodeReviewSettingsProperty { /** * Whether Controls are utilized for code review analysis. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-codereviewsettings.html#cfn-securityagent-agentspace-codereviewsettings-controlsscanning */ readonly controlsScanning: boolean | cdk.IResolvable; /** * Whether general purpose analysis is performed for code review. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-codereviewsettings.html#cfn-securityagent-agentspace-codereviewsettings-generalpurposescanning */ readonly generalPurposeScanning: boolean | cdk.IResolvable; } /** * Integrated Resource details. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-integratedresource.html */ interface IntegratedResourceProperty { /** * Unique identifier of the Provider Integration. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-agentspace-integratedresource.html#cfn-securityagent-agentspace-integratedresource-integration */ readonly integration: string; } } /** * Properties for defining a `CfnAgentSpace` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html */ export interface CfnAgentSpaceProps { /** * AWS resource configuration. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-awsresources */ readonly awsResources?: CfnAgentSpace.AWSResourcesProperty | cdk.IResolvable; /** * Details of code review settings. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-codereviewsettings */ readonly codeReviewSettings?: CfnAgentSpace.CodeReviewSettingsProperty | cdk.IResolvable; /** * Description of the agent space. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-description */ readonly description?: string; /** * Integrated Resources configuration. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-integratedresources */ readonly integratedResources?: Array<CfnAgentSpace.IntegratedResourceProperty | cdk.IResolvable> | cdk.IResolvable; /** * Identifier of the KMS key used to encrypt data. * * Can be a key ID, key ARN, alias name, or alias ARN. If not specified, an AWS managed key is used. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-kmskeyid */ readonly kmsKeyId?: string; /** * Name of the agent space. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-name */ readonly name: string; /** * Tags for the agent space. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-tags */ readonly tags?: Array<cdk.CfnTag>; /** * List of target domain identifiers registered with the agent space. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-agentspace.html#cfn-securityagent-agentspace-targetdomainids */ readonly targetDomainIds?: Array<string>; } /** * Resource Type definition for AWS::SecurityAgent::Application. * * @cloudformationResource AWS::SecurityAgent::Application * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-application.html */ export declare class CfnApplication extends cdk.CfnResource implements cdk.IInspectable, IApplicationRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnApplication from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnApplication; /** * Checks whether the given object is a CfnApplication */ static isCfnApplication(x: any): x is CfnApplication; /** * Creates a new IApplicationRef from a applicationId */ static fromApplicationId(scope: constructs.Construct, id: string, applicationId: string): IApplicationRef; static arnForApplication(resource: IApplicationRef): string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * Identifier of a KMS key. */ private _defaultKmsKeyId?; private _idCConfiguration?; private _roleArn?; /** * Tags for the application. */ private _tags?; /** * Create a new `AWS::SecurityAgent::Application`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props?: CfnApplicationProps); get applicationRef(): ApplicationReference; /** * Identifier of a KMS key. */ get defaultKmsKeyId(): string | undefined; /** * Identifier of a KMS key. */ set defaultKmsKeyId(value: string | undefined); get idCConfiguration(): CfnApplication.IdCConfigurationProperty | cdk.IResolvable | undefined; set idCConfiguration(value: CfnApplication.IdCConfigurationProperty | cdk.IResolvable | undefined); get roleArn(): string | undefined; set roleArn(value: string | undefined); /** * Tags for the application. */ get tags(): Array<cdk.CfnTag> | undefined; /** * Tags for the application. */ set tags(value: Array<cdk.CfnTag> | undefined); /** * @cloudformationAttribute ApplicationId */ get attrApplicationId(): string; /** * @cloudformationAttribute ApplicationName */ get attrApplicationName(): string; /** * @cloudformationAttribute Domain */ get attrDomain(): string; /** * @cloudformationAttribute IdCConfiguration.IdCApplicationArn */ get attrIdCConfigurationIdCApplicationArn(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnApplication { /** * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-application-idcconfiguration.html */ interface IdCConfigurationProperty { /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-application-idcconfiguration.html#cfn-securityagent-application-idcconfiguration-idcapplicationarn */ readonly idCApplicationArn?: string; /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-application-idcconfiguration.html#cfn-securityagent-application-idcconfiguration-idcinstancearn */ readonly idCInstanceArn?: string; } } /** * Properties for defining a `CfnApplication` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-application.html */ export interface CfnApplicationProps { /** * Identifier of a KMS key. * * Can be a key ID, key ARN, alias name, or alias ARN. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-application.html#cfn-securityagent-application-defaultkmskeyid */ readonly defaultKmsKeyId?: string; /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-application.html#cfn-securityagent-application-idcconfiguration */ readonly idCConfiguration?: CfnApplication.IdCConfigurationProperty | cdk.IResolvable; /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-application.html#cfn-securityagent-application-rolearn */ readonly roleArn?: string; /** * Tags for the application. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-application.html#cfn-securityagent-application-tags */ readonly tags?: Array<cdk.CfnTag>; } /** * Resource Type definition for AWS::SecurityAgent::Pentest. * * @cloudformationResource AWS::SecurityAgent::Pentest * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html */ export declare class CfnPentest extends cdk.CfnResource implements cdk.IInspectable, IPentestRef { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnPentest from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnPentest; /** * Checks whether the given object is a CfnPentest */ static isCfnPentest(x: any): x is CfnPentest; /** * Identifier of agent space where the pentest should be created. */ private _agentSpaceId; /** * Collection of assets to be tested during the pentest. */ private _assets; /** * Strategy for remediating code vulnerabilities discovered during the pentest. */ private _codeRemediationStrategy?; /** * A list of risk types excluded from the pentest execution. */ private _excludeRiskTypes?; /** * CloudWatch Logs configuration for pentest output. */ private _logConfig?; /** * Network traffic configuration for the pentest. */ private _networkTrafficConfig?; /** * Service role for accessing resources. */ private _serviceRole; /** * Title of the penetration test. */ private _title?; /** * VPC configuration that the pentest agent accesses. */ private _vpcConfig?; /** * Create a new `AWS::SecurityAgent::Pentest`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnPentestProps); get pentestRef(): PentestReference; /** * Identifier of agent space where the pentest should be created. */ get agentSpaceId(): string; /** * Identifier of agent space where the pentest should be created. */ set agentSpaceId(value: string); /** * Collection of assets to be tested during the pentest. */ get assets(): CfnPentest.AssetsProperty | cdk.IResolvable; /** * Collection of assets to be tested during the pentest. */ set assets(value: CfnPentest.AssetsProperty | cdk.IResolvable); /** * Strategy for remediating code vulnerabilities discovered during the pentest. */ get codeRemediationStrategy(): string | undefined; /** * Strategy for remediating code vulnerabilities discovered during the pentest. */ set codeRemediationStrategy(value: string | undefined); /** * A list of risk types excluded from the pentest execution. */ get excludeRiskTypes(): Array<string> | undefined; /** * A list of risk types excluded from the pentest execution. */ set excludeRiskTypes(value: Array<string> | undefined); /** * CloudWatch Logs configuration for pentest output. */ get logConfig(): CfnPentest.CloudWatchLogProperty | cdk.IResolvable | undefined; /** * CloudWatch Logs configuration for pentest output. */ set logConfig(value: CfnPentest.CloudWatchLogProperty | cdk.IResolvable | undefined); /** * Network traffic configuration for the pentest. */ get networkTrafficConfig(): cdk.IResolvable | CfnPentest.NetworkTrafficConfigProperty | undefined; /** * Network traffic configuration for the pentest. */ set networkTrafficConfig(value: cdk.IResolvable | CfnPentest.NetworkTrafficConfigProperty | undefined); /** * Service role for accessing resources. */ get serviceRole(): string; /** * Service role for accessing resources. */ set serviceRole(value: string); /** * Title of the penetration test. */ get title(): string | undefined; /** * Title of the penetration test. */ set title(value: string | undefined); /** * VPC configuration that the pentest agent accesses. */ get vpcConfig(): cdk.IResolvable | CfnPentest.VpcConfigProperty | undefined; /** * VPC configuration that the pentest agent accesses. */ set vpcConfig(value: cdk.IResolvable | CfnPentest.VpcConfigProperty | undefined); /** * Timestamp when the pentest was created * * @cloudformationAttribute CreatedAt */ get attrCreatedAt(): string; /** * Unique identifier of the pentest * * @cloudformationAttribute PentestId */ get attrPentestId(): string; /** * Timestamp when the pentest was last updated * * @cloudformationAttribute UpdatedAt */ get attrUpdatedAt(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnPentest { /** * Collection of assets to be tested during the pentest. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-assets.html */ interface AssetsProperty { /** * List of actors used during testing. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-assets.html#cfn-securityagent-pentest-assets-actors */ readonly actors?: Array<CfnPentest.ActorProperty | cdk.IResolvable> | cdk.IResolvable; /** * List of documents providing additional context for the pentest. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-assets.html#cfn-securityagent-pentest-assets-documents */ readonly documents?: Array<CfnPentest.DocumentInfoProperty | cdk.IResolvable> | cdk.IResolvable; /** * List of endpoints to test. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-assets.html#cfn-securityagent-pentest-assets-endpoints */ readonly endpoints?: Array<CfnPentest.EndpointProperty | cdk.IResolvable> | cdk.IResolvable; /** * List of repositories connected via provider integrations. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-assets.html#cfn-securityagent-pentest-assets-integratedrepositories */ readonly integratedRepositories?: Array<CfnPentest.IntegratedRepositoryProperty | cdk.IResolvable> | cdk.IResolvable; /** * List of source code repositories to analyze. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-assets.html#cfn-securityagent-pentest-assets-sourcecode */ readonly sourceCode?: Array<cdk.IResolvable | CfnPentest.SourceCodeRepositoryProperty> | cdk.IResolvable; } /** * An endpoint to be tested during the pentest. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-endpoint.html */ interface EndpointProperty { /** * URI of the endpoint to test. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-endpoint.html#cfn-securityagent-pentest-endpoint-uri */ readonly uri?: string; } /** * An authenticated actor to be used during pentest execution. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-actor.html */ interface ActorProperty { /** * Authentication configuration for a pentest actor. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-actor.html#cfn-securityagent-pentest-actor-authentication */ readonly authentication?: CfnPentest.AuthenticationProperty | cdk.IResolvable; /** * Description of the actor. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-actor.html#cfn-securityagent-pentest-actor-description */ readonly description?: string; /** * Identifier for the actor. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-actor.html#cfn-securityagent-pentest-actor-identifier */ readonly identifier?: string; /** * List of URIs this actor is authorized to access. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-actor.html#cfn-securityagent-pentest-actor-uris */ readonly uris?: Array<string>; } /** * Authentication configuration for a pentest actor. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-authentication.html */ interface AuthenticationProperty { /** * Type of authentication provider. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-authentication.html#cfn-securityagent-pentest-authentication-providertype */ readonly providerType?: string; /** * Reference value for the authentication provider, such as a secret ARN or Lambda ARN. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-authentication.html#cfn-securityagent-pentest-authentication-value */ readonly value?: string; } /** * A document stored in S3 that provides context for the pentest. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-documentinfo.html */ interface DocumentInfoProperty { /** * Artifact identifier. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-documentinfo.html#cfn-securityagent-pentest-documentinfo-artifactid */ readonly artifactId?: string; /** * S3 document location. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-documentinfo.html#cfn-securityagent-pentest-documentinfo-s3location */ readonly s3Location?: string; } /** * A source code archive stored in S3 for analysis during the pentest. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-sourcecoderepository.html */ interface SourceCodeRepositoryProperty { /** * S3 source code location. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-sourcecoderepository.html#cfn-securityagent-pentest-sourcecoderepository-s3location */ readonly s3Location?: string; } /** * A repository connected via a provider integration. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-integratedrepository.html */ interface IntegratedRepositoryProperty { /** * Unique identifier of the provider integration. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-integratedrepository.html#cfn-securityagent-pentest-integratedrepository-integrationid */ readonly integrationId: string; /** * Identifier of the resource within the provider integration. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-integratedrepository.html#cfn-securityagent-pentest-integratedrepository-providerresourceid */ readonly providerResourceId: string; } /** * CloudWatch Logs configuration for pentest output. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-cloudwatchlog.html */ interface CloudWatchLogProperty { /** * CloudWatch log group. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-cloudwatchlog.html#cfn-securityagent-pentest-cloudwatchlog-loggroup */ readonly logGroup?: string; /** * CloudWatch log stream. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-cloudwatchlog.html#cfn-securityagent-pentest-cloudwatchlog-logstream */ readonly logStream?: string; } /** * VPC configuration that the pentest agent accesses. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-vpcconfig.html */ interface VpcConfigProperty { /** * List of security groups in the VPC. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-vpcconfig.html#cfn-securityagent-pentest-vpcconfig-securitygrouparns */ readonly securityGroupArns?: Array<string>; /** * List of subnets in the VPC. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-vpcconfig.html#cfn-securityagent-pentest-vpcconfig-subnetarns */ readonly subnetArns?: Array<string>; /** * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-vpcconfig.html#cfn-securityagent-pentest-vpcconfig-vpcarn */ readonly vpcArn?: string; } /** * Network traffic configuration for the pentest. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-networktrafficconfig.html */ interface NetworkTrafficConfigProperty { /** * Custom headers to include in outbound requests. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-networktrafficconfig.html#cfn-securityagent-pentest-networktrafficconfig-customheaders */ readonly customHeaders?: Array<CfnPentest.CustomHeaderProperty | cdk.IResolvable> | cdk.IResolvable; /** * Ordered list of network traffic rules. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-networktrafficconfig.html#cfn-securityagent-pentest-networktrafficconfig-rules */ readonly rules?: Array<cdk.IResolvable | CfnPentest.NetworkTrafficRuleProperty> | cdk.IResolvable; } /** * Network traffic rule. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-networktrafficrule.html */ interface NetworkTrafficRuleProperty { /** * Whether to allow or deny traffic matching this rule. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-networktrafficrule.html#cfn-securityagent-pentest-networktrafficrule-effect */ readonly effect?: string; /** * Type of pattern matching for this rule. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-networktrafficrule.html#cfn-securityagent-pentest-networktrafficrule-networktrafficruletype */ readonly networkTrafficRuleType?: string; /** * URL pattern this rule applies to. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-networktrafficrule.html#cfn-securityagent-pentest-networktrafficrule-pattern */ readonly pattern?: string; } /** * A custom header to include in outbound requests. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-customheader.html */ interface CustomHeaderProperty { /** * Name of the header. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-customheader.html#cfn-securityagent-pentest-customheader-name */ readonly name?: string; /** * Value of the header. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-pentest-customheader.html#cfn-securityagent-pentest-customheader-value */ readonly value?: string; } } /** * Properties for defining a `CfnPentest` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html */ export interface CfnPentestProps { /** * Identifier of agent space where the pentest should be created. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-agentspaceid */ readonly agentSpaceId: string; /** * Collection of assets to be tested during the pentest. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-assets */ readonly assets: CfnPentest.AssetsProperty | cdk.IResolvable; /** * Strategy for remediating code vulnerabilities discovered during the pentest. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-coderemediationstrategy */ readonly codeRemediationStrategy?: string; /** * A list of risk types excluded from the pentest execution. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-excluderisktypes */ readonly excludeRiskTypes?: Array<string>; /** * CloudWatch Logs configuration for pentest output. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-logconfig */ readonly logConfig?: CfnPentest.CloudWatchLogProperty | cdk.IResolvable; /** * Network traffic configuration for the pentest. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-networktrafficconfig */ readonly networkTrafficConfig?: cdk.IResolvable | CfnPentest.NetworkTrafficConfigProperty; /** * Service role for accessing resources. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-servicerole */ readonly serviceRole: string; /** * Title of the penetration test. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-title */ readonly title?: string; /** * VPC configuration that the pentest agent accesses. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-pentest.html#cfn-securityagent-pentest-vpcconfig */ readonly vpcConfig?: cdk.IResolvable | CfnPentest.VpcConfigProperty; } /** * Resource Type definition for AWS::SecurityAgent::TargetDomain. * * @cloudformationResource AWS::SecurityAgent::TargetDomain * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-targetdomain.html */ export declare class CfnTargetDomain extends cdk.CfnResource implements cdk.IInspectable, ITargetDomainRef, cdk.ITaggableV2 { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME: string; /** * Build a CfnTargetDomain from CloudFormation properties * * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnTargetDomain; /** * Checks whether the given object is a CfnTargetDomain */ static isCfnTargetDomain(x: any): x is CfnTargetDomain; /** * Creates a new ITargetDomainRef from a targetDomainId */ static fromTargetDomainId(scope: constructs.Construct, id: string, targetDomainId: string): ITargetDomainRef; static arnForTargetDomain(resource: ITargetDomainRef): string; /** * Tag Manager which manages the tags for this resource */ readonly cdkTagManager: cdk.TagManager; /** * Tags for the target domain. */ private _tags?; /** * Domain name of the target domain. */ private _targetDomainName; /** * Verification method for the target domain. */ private _verificationMethod; /** * Create a new `AWS::SecurityAgent::TargetDomain`. * * @param scope Scope in which this resource is defined * @param id Construct identifier for this resource (unique in its scope) * @param props Resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnTargetDomainProps); get targetDomainRef(): TargetDomainReference; /** * Tags for the target domain. */ get tags(): Array<cdk.CfnTag> | undefined; /** * Tags for the target domain. */ set tags(value: Array<cdk.CfnTag> | undefined); /** * Domain name of the target domain. */ get targetDomainName(): string; /** * Domain name of the target domain. */ set targetDomainName(value: string); /** * Verification method for the target domain. */ get verificationMethod(): string; /** * Verification method for the target domain. */ set verificationMethod(value: string); /** * Timestamp when the target domain was registered * * @cloudformationAttribute CreatedAt */ get attrCreatedAt(): string; /** * Unique identifier of the target domain * * @cloudformationAttribute TargetDomainId */ get attrTargetDomainId(): string; /** * Verification details to verify registered target domain * * @cloudformationAttribute VerificationDetails */ get attrVerificationDetails(): cdk.IResolvable; /** * Current verification status of the registered target domain * * @cloudformationAttribute VerificationStatus */ get attrVerificationStatus(): string; /** * Timestamp when the target domain was last successfully verified * * @cloudformationAttribute VerifiedAt */ get attrVerifiedAt(): string; protected get cfnProperties(): Record<string, any>; /** * Examines the CloudFormation resource and discloses attributes * * @param inspector tree inspector to collect and process attributes */ inspect(inspector: cdk.TreeInspector): void; protected renderProperties(props: Record<string, any>): Record<string, any>; } export declare namespace CfnTargetDomain { /** * Verification details to verify registered target domain. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-verificationdetails.html */ interface VerificationDetailsProperty { /** * Represents DNS TXT verification details. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-verificationdetails.html#cfn-securityagent-targetdomain-verificationdetails-dnstxt */ readonly dnsTxt?: CfnTargetDomain.DnsVerificationProperty | cdk.IResolvable; /** * Represents HTTP route verification details. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-verificationdetails.html#cfn-securityagent-targetdomain-verificationdetails-httproute */ readonly httpRoute?: CfnTargetDomain.HttpVerificationProperty | cdk.IResolvable; /** * Type of domain ownership verification method. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-verificationdetails.html#cfn-securityagent-targetdomain-verificationdetails-method */ readonly method?: string; } /** * Represents DNS TXT verification details. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-dnsverification.html */ interface DnsVerificationProperty { /** * Record name to be added in DNS for target domain. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-dnsverification.html#cfn-securityagent-targetdomain-dnsverification-dnsrecordname */ readonly dnsRecordName?: string; /** * Type of record to be added in DNS for target domain. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-dnsverification.html#cfn-securityagent-targetdomain-dnsverification-dnsrecordtype */ readonly dnsRecordType?: string; /** * Token used to verify domain ownership. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-dnsverification.html#cfn-securityagent-targetdomain-dnsverification-token */ readonly token?: string; } /** * Represents HTTP route verification details. * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-httpverification.html */ interface HttpVerificationProperty { /** * Route path where verification token should be placed. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-httpverification.html#cfn-securityagent-targetdomain-httpverification-routepath */ readonly routePath?: string; /** * Token used to verify domain ownership. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityagent-targetdomain-httpverification.html#cfn-securityagent-targetdomain-httpverification-token */ readonly token?: string; } } /** * Properties for defining a `CfnTargetDomain` * * @struct * @stability external * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-targetdomain.html */ export interface CfnTargetDomainProps { /** * Tags for the target domain. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-targetdomain.html#cfn-securityagent-targetdomain-tags */ readonly tags?: Array<cdk.CfnTag>; /** * Domain name of the target domain. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-targetdomain.html#cfn-securityagent-targetdomain-targetdomainname */ readonly targetDomainName: string; /** * Verification method for the target domain. * * @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityagent-targetdomain.html#cfn-securityagent-targetdomain-verificationmethod */ readonly verificationMethod: string; } export type { IAgentSpaceRef, AgentSpaceReference }; export type { IApplicationRef, ApplicationReference }; export type { IPentestRef, PentestReference }; export type { ITargetDomainRef, TargetDomainReference };