AWS cli documentation change
Summary
Updated documentation for the 'batch-get-pentest-jobs' command with more detailed descriptions of parameters, outputs, and data structures related to penetration testing jobs. Added specific validation values, clarified resource identifiers, and improved explanations of security testing components.
Security assessment
The changes enhance documentation of security testing features (pentest jobs, actors, authentication methods, risk exclusions) but do not address a specific vulnerability or incident. Improvements include clarifying authentication providers (SECRETS_MANAGER, AWS_IAM_ROLE), network traffic rules, and error codes without indicating security fixes.
Diff
diff --git a/cli/latest/reference/securityagent/batch-get-pentest-jobs.md b/cli/latest/reference/securityagent/batch-get-pentest-jobs.md index 8879efc0a..caeb77eaf 100644 --- a//cli/latest/reference/securityagent/batch-get-pentest-jobs.md +++ b//cli/latest/reference/securityagent/batch-get-pentest-jobs.md @@ -15 +15 @@ - * [AWS CLI 2.34.41 Command Reference](../../index.html) » + * [AWS CLI 2.34.44 Command Reference](../../index.html) » @@ -59 +59 @@ First time using the AWS CLI? See the [User Guide](https://docs.aws.amazon.com/c -Retrieves multiple pentest jobs in a single request +Retrieves information about one or more pentest jobs in an agent space. @@ -96 +96 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi -> List of pentest job IDs to retrieve +> The list of pentest job identifiers to retrieve. @@ -108 +108 @@ Syntax: -> ID of the agent space where the pentest exists +> The unique identifier of the agent space that contains the pentest jobs. @@ -225 +225 @@ pentestJobs -> (list) -> List of successfully retrieved pentest jobs +> The list of pentest jobs that were found. @@ -229 +229 @@ pentestJobs -> (list) ->> Represents a pentest job +>> Represents a pentest job, which is an execution instance of a pentest. A pentest job progresses through preflight, static analysis, pentest, and finalizing steps. @@ -233 +233 @@ pentestJobs -> (list) ->>> Unique identifier of the pentest job +>>> The unique identifier of the pentest job. @@ -237 +237 @@ pentestJobs -> (list) ->>> Identifier of the parent pentest +>>> The unique identifier of the pentest associated with the job. @@ -241 +241 @@ pentestJobs -> (list) ->>> Title or name of the pentest +>>> The title of the pentest job. @@ -245 +245 @@ pentestJobs -> (list) ->>> Overview or description of the pentest job +>>> An overview of the pentest job results. @@ -249 +249 @@ pentestJobs -> (list) ->>> Current status of the pentest job +>>> The current status of the pentest job. @@ -263 +263 @@ pentestJobs -> (list) ->>> List of web application endpoints to test +>>> The list of endpoints being tested in the pentest job. @@ -267 +267 @@ pentestJobs -> (list) ->>>> Represents a web application endpoint to be tested +>>>> Represents a target endpoint for penetration testing. @@ -271 +271 @@ pentestJobs -> (list) ->>>>> URI of the endpoint to test +>>>>> The URI of the endpoint. @@ -275 +275 @@ pentestJobs -> (list) ->>> List of actors that interact with the system +>>> The list of actors used during the pentest job. @@ -279 +279 @@ pentestJobs -> (list) ->>>> Represents an entity that interacts with the system during security testing +>>>> Represents an actor used during penetration testing. An actor defines a user or entity that interacts with the target application, including authentication credentials and target URIs. @@ -283 +283 @@ pentestJobs -> (list) ->>>>> Unique identifier for the actor (case-insensitive) +>>>>> The unique identifier for the actor. @@ -287 +287 @@ pentestJobs -> (list) ->>>>> List of URIs accessible with the actor’s credentials +>>>>> The list of URIs that the actor targets during testing. @@ -293 +293 @@ pentestJobs -> (list) ->>>>> Authentication information used by the actor to access resources +>>>>> The authentication configuration for the actor. @@ -297 +297 @@ pentestJobs -> (list) ->>>>>> Provider type for the authentication credentials +>>>>>> The type of authentication provider. Valid values include SECRETS_MANAGER, AWS_LAMBDA, AWS_IAM_ROLE, and AWS_INTERNAL. @@ -310 +310 @@ pentestJobs -> (list) ->>>>>> Authentication credential value or reference +>>>>>> The authentication value, such as a secret ARN, Lambda function ARN, or IAM role ARN, depending on the provider type. @@ -314 +314 @@ pentestJobs -> (list) ->>>>> Additional description or details about the actor +>>>>> A description of the actor. @@ -318 +318 @@ pentestJobs -> (list) ->>> List of documents providing context for testing +>>> The list of documents providing context for the pentest job. @@ -322 +322 @@ pentestJobs -> (list) ->>>> Information about a document relevant to security testing +>>>> Represents a document that provides context for security testing. @@ -326 +326 @@ pentestJobs -> (list) ->>>>> S3 storage location of the document +>>>>> The Amazon S3 location of the document. @@ -330 +330 @@ pentestJobs -> (list) ->>>>> Artifact ID of the document +>>>>> The unique identifier of the artifact associated with the document. @@ -334 +334 @@ pentestJobs -> (list) ->>> List of source code repositories for static analysis +>>> The list of source code repositories analyzed during the pentest job. @@ -338 +338 @@ pentestJobs -> (list) ->>>> Information about a source code repository for static analysis +>>>> Represents a source code repository used for security analysis during a pentest. @@ -342 +342 @@ pentestJobs -> (list) ->>>>> S3 storage location of the repository +>>>>> The Amazon S3 location of the source code repository archive. @@ -346 +346 @@ pentestJobs -> (list) ->>> List of URL paths to exclude from testing +>>> The list of paths excluded from the pentest job. @@ -350 +350 @@ pentestJobs -> (list) ->>>> Represents a web application endpoint to be tested +>>>> Represents a target endpoint for penetration testing. @@ -354 +354 @@ pentestJobs -> (list) ->>>>> URI of the endpoint to test +>>>>> The URI of the endpoint. @@ -358 +358 @@ pentestJobs -> (list) ->>> List of allowed domains for network access +>>> The list of domains allowed during the pentest job. @@ -362 +362 @@ pentestJobs -> (list) ->>>> Represents a web application endpoint to be tested +>>>> Represents a target endpoint for penetration testing. @@ -366 +366 @@ pentestJobs -> (list) ->>>>> URI of the endpoint to test +>>>>> The URI of the endpoint. @@ -370 +370 @@ pentestJobs -> (list) ->>> A list of risk types excluded from the pentest job +>>> The list of risk types excluded from the pentest job. @@ -374 +374 @@ pentestJobs -> (list) ->>>> Type of security risk +>>>> Type of security risk. @@ -411 +411 @@ pentestJobs -> (list) ->>> List of execution steps for the pentest job +>>> The list of steps in the pentest job execution. @@ -415 +415 @@ pentestJobs -> (list) ->>>> Represents a single step in pentest job execution +>>>> Represents a step in the pentest job execution pipeline. Steps include preflight, static analysis, pentest, and finalizing. @@ -419 +419 @@ pentestJobs -> (list) ->>>>> Name of the execution step +>>>>> The name of the step. Valid values include PREFLIGHT, STATIC_ANALYSIS, PENTEST, and FINALIZING. @@ -432 +432 @@ pentestJobs -> (list) ->>>>> Current status of the step +>>>>> The current status of the step. @@ -446 +446 @@ pentestJobs -> (list) ->>>>> Timestamp when the step was created +>>>>> The date and time the step was created, in UTC format. @@ -450 +450 @@ pentestJobs -> (list) ->>>>> Timestamp when the step was last updated +>>>>> The date and time the step was last updated, in UTC format. @@ -454 +454 @@ pentestJobs -> (list) ->>> A list of execution context messages associated with the pentest job +>>> The execution context messages for the pentest job. @@ -458 +458 @@ pentestJobs -> (list) ->>>> Additional context about a pentest or task execution +>>>> Contains contextual information about the execution of a pentest job, such as errors, warnings, or informational messages. @@ -462 +462 @@ pentestJobs -> (list) ->>>>> The category of context +>>>>> The type of context. Valid values include ERROR, CLIENT_ERROR, WARNING, and INFO. @@ -475 +475 @@ pentestJobs -> (list) ->>>>> Context associated with a pentest or task execution +>>>>> The context message. @@ -479 +479 @@ pentestJobs -> (list) ->>>>> Timestamp associated with a pentest or task execution +>>>>> The date and time the context was recorded, in UTC format. @@ -483 +483 @@ pentestJobs -> (list) ->>> Service role ARN for accessing customer resources +>>> The IAM service role used for the pentest job. @@ -487 +487 @@ pentestJobs -> (list) ->>> CloudWatch log group and stream prefix where pentest job logs are stored +>>> The CloudWatch Logs configuration for the pentest job. @@ -491 +491 @@ pentestJobs -> (list) ->>>> Name of the CloudWatch log group +>>>> The name of the CloudWatch log group. @@ -495 +495 @@ pentestJobs -> (list) ->>>> Name of the CloudWatch log stream +>>>> The name of the CloudWatch log stream. @@ -499 +499 @@ pentestJobs -> (list) ->>> VPC configuration that the Security Agent accesses +>>> The VPC configuration for the pentest job. @@ -503 +503 @@ pentestJobs -> (list) ->>>> ARN or ID of the customer VPC +>>>> The Amazon Resource Name (ARN) of the VPC. @@ -507 +507 @@ pentestJobs -> (list) ->>>> List of security group ARNs or IDs in the customer VPC +>>>> The Amazon Resource Names (ARNs) of the security groups for the VPC configuration. @@ -511 +511 @@ pentestJobs -> (list) ->>>>> ARN or ID of a security group +>>>>> ARN or ID of a security group. @@ -515 +515 @@ pentestJobs -> (list) ->>>> List of subnet ARNs or IDs in the customer VPC +>>>> The Amazon Resource Names (ARNs) of the subnets for the VPC configuration. @@ -519 +519 @@ pentestJobs -> (list) ->>>>> ARN or ID of a subnet +>>>>> ARN or ID of a subnet. @@ -523 +523 @@ pentestJobs -> (list) ->>> Configuration for network traffic filtering +>>> The network traffic configuration for the pentest job. @@ -527 +527 @@ pentestJobs -> (list) ->>>> Traffic filtering rules +>>>> The list of network traffic rules that control which URLs are allowed or denied during testing. @@ -531 +531 @@ pentestJobs -> (list) ->>>>> Network traffic filtering rule +>>>>> A rule that controls network traffic during penetration testing by allowing or denying traffic to specific URL patterns. @@ -535 +535 @@ pentestJobs -> (list) ->>>>>> Action to take when the rule matches +>>>>>> The effect of the rule. Valid values are ALLOW and DENY. @@ -546 +546 @@ pentestJobs -> (list) ->>>>>> Pattern to match against +>>>>>> The URL pattern to match for the rule. @@ -550 +550 @@ pentestJobs -> (list) ->>>>>> Type of network traffic rule +>>>>>> The type of the network traffic rule. Currently, only URL is supported. @@ -560 +560 @@ pentestJobs -> (list) ->>>> Custom headers for requests +>>>> The list of custom HTTP headers to include in network traffic during testing. @@ -564 +564 @@ pentestJobs -> (list)