AWS securityagent documentation change
Summary
Expanded remediation coverage to include both penetration test and code review findings, restructured steps to configure remediation through repository wizard with two entry paths, clarified automatic remediation process and outcomes.
Security assessment
The changes enhance documentation for a security feature (automatic remediation of findings) but show no evidence of addressing a specific vulnerability. Updates include broader feature coverage and improved setup instructions without security patches.
Diff
diff --git a/securityagent/latest/userguide/enable-remediate-findings.md b/securityagent/latest/userguide/enable-remediate-findings.md index 2445b7bed..28477790e 100644 --- a//securityagent/latest/userguide/enable-remediate-findings.md +++ b//securityagent/latest/userguide/enable-remediate-findings.md @@ -7 +7 @@ -PrerequisitesSelect repositories and enable code remediation capability +PrerequisitesOpen the repository configuration wizardEnable automatic remediation and save @@ -9 +9 @@ PrerequisitesSelect repositories and enable code remediation capability -# Enable users to start remediation of penetration test findings +# Enable users to start remediation of penetration test and code review findings @@ -11 +11 @@ PrerequisitesSelect repositories and enable code remediation capability -In the AWS Management Console, you can enable the code remediation feature that allows users to remediate findings in the penetration test web app. +In the AWS Management Console, you can enable automatic remediation so users of the AWS Security Agent web app can request fixes for a specific finding. AWS Security Agent delivers each fix as a GitHub pull request on the affected repository. @@ -13 +13 @@ In the AWS Management Console, you can enable the code remediation feature that -When you enable this functionality in the AWS Management Console, users of the AWS Security Agent web app can start code remediation for a specific finding. The remediation will be available as GitHub pull requests. +You enable remediation per repository from within an Agent Space. The **Penetration test** and **Code review** tabs open the same repository configuration wizard, so you can use either tab to manage the **Automatic remediation enabled** setting. Remediation applies to findings from both capabilities, so you only need to enable it once per repository. @@ -19 +19 @@ Before you begin, ensure you have: - 1. Enabled penetration test (see [Enable penetration test](./enable-penetration-test.html)) + 1. Enabled penetration testing (see [Enable penetration test](./enable-penetration-test.html)) or code review (see [Enable code review](./enable-code-review-scan.html)) @@ -26 +26,7 @@ Before you begin, ensure you have: -## Select repositories and enable code remediation capability +## Open the repository configuration wizard + +Choose the entry point that matches how your repositories are set up. + +### From the Penetration test tab + +Use this path to add GitHub repositories for penetration testing and configure remediation in the same pass. @@ -30 +36,26 @@ Before you begin, ensure you have: - 2. Choose **Penetration test** tab. + 2. Choose the **Penetration test** tab. + + 3. Select a GitHub registration that owns your repositories: + + 1. If you haven’t associated any GitHub registration with the Agent Space, choose **Add** in the **Connect GitHub to AWS Security Agent** information box to select a registration. + + 2. If one or more GitHub registrations are already associated, choose **Add** in the **Connected integrations** section to select another. + + 4. Choose **Next** to choose GitHub repositories. + + 5. Choose **Next** to configure repository capabilities. + + + + +### From the Code review tab + +Use this path when your repositories are already connected for code review. + + 1. Navigate to the Agent Space overview page. + + 2. Choose the **Code review** tab. + + 3. In the GitHub repositories table, choose **Edit** to open the repository configuration wizard. + + @@ -32 +62,0 @@ Before you begin, ensure you have: - 3. Select a GitHub registration that owns your GitHub repositories. @@ -34 +64 @@ Before you begin, ensure you have: - 1. If you haven’t associated any GitHub registration to the Agent Space, you can see a **Connect GitHub for penetration testing** information box. Click the **Add** button on its right side to select the GitHub registration. +## Enable automatic remediation and save @@ -36 +66 @@ Before you begin, ensure you have: - 2. If you already associated some GitHub registration to the Agent Space, you can add more by clicking the **Add** button in the **Connected integrations** section. +After you reach the repository capabilities step through either path above: @@ -38 +68 @@ Before you begin, ensure you have: - 4. Click **Next** to choose GitHub repositories. + 1. In the **Automatic remediation enabled** column, mark each repository you want remediated as **Enabled**. @@ -40 +70 @@ Before you begin, ensure you have: - 5. Click **Next** to configure repositories capabilities. In the **Pentest remediation enabled** column, mark the repositories as **Enabled** to allow the Agent Space to remediate the code according to the penetration findings. + 2. Choose **Connect** to save the configuration. @@ -42 +71,0 @@ Before you begin, ensure you have: - 6. Click **Connect** to finish the configuration. @@ -45,0 +75 @@ Before you begin, ensure you have: +Users of the web app can now start remediation for findings on these repositories, and AWS Security Agent will open pull requests with the proposed fixes.