1. Packages
  2. Packages
  3. AWS Cloud Control
  4. API Docs
  5. securityagent
  6. Pentest

We recommend new projects start with resources from the AWS provider.

Viewing docs for AWS Cloud Control v1.62.0
published on Monday, Apr 20, 2026 by Pulumi
Schema (JSON)
pulumi/pulumi-aws-native

aws-native.securityagent.Pentest

aws-native logo

We recommend new projects start with resources from the AWS provider.

Viewing docs for AWS Cloud Control v1.62.0
published on Monday, Apr 20, 2026 by Pulumi
Schema (JSON)
pulumi/pulumi-aws-native

    Resource Type definition for AWS::SecurityAgent::Pentest

    Create Pentest Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Pentest(name: string, args: PentestArgs, opts?: CustomResourceOptions);
    @overload
def Pentest(resource_name: str,
            args: PentestArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def Pentest(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            agent_space_id: Optional[str] = None,
            assets: Optional[PentestAssetsArgs] = None,
            service_role: Optional[str] = None,
            code_remediation_strategy: Optional[PentestCodeRemediationStrategy] = None,
            exclude_risk_types: Optional[Sequence[PentestRiskType]] = None,
            log_config: Optional[PentestCloudWatchLogArgs] = None,
            network_traffic_config: Optional[PentestNetworkTrafficConfigArgs] = None,
            title: Optional[str] = None,
            vpc_config: Optional[PentestVpcConfigArgs] = None)
    func NewPentest(ctx *Context, name string, args PentestArgs, opts ...ResourceOption) (*Pentest, error)
    public Pentest(string name, PentestArgs args, CustomResourceOptions? opts = null)
    public Pentest(String name, PentestArgs args)
public Pentest(String name, PentestArgs args, CustomResourceOptions options)

    type: aws-native:securityagent:Pentest
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args PentestArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args PentestArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args PentestArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args PentestArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args PentestArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Pentest Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Pentest resource accepts the following input properties:

    AgentSpaceId string
    Identifier of agent space where the pentest should be created
    Assets Pulumi.AwsNative.SecurityAgent.Inputs.PentestAssets
    Collection of assets to be tested or used during the penetration test
    ServiceRole string
    Service role for accessing resources
    CodeRemediationStrategy Pulumi.AwsNative.SecurityAgent.PentestCodeRemediationStrategy
    Strategy for code remediation on findings
    ExcludeRiskTypes List<Pulumi.AwsNative.SecurityAgent.PentestRiskType>
    A list of risk types excluded from the pentest execution
    LogConfig Pulumi.AwsNative.SecurityAgent.Inputs.PentestCloudWatchLog
    CloudWatch logs config
    NetworkTrafficConfig Pulumi.AwsNative.SecurityAgent.Inputs.PentestNetworkTrafficConfig
    Configuration for network traffic filtering
    Title string
    Title of the penetration test
    VpcConfig Pulumi.AwsNative.SecurityAgent.Inputs.PentestVpcConfig
    VPC configuration that the security testing environment accesses
    AgentSpaceId string
    Identifier of agent space where the pentest should be created
    Assets PentestAssetsArgs
    Collection of assets to be tested or used during the penetration test
    ServiceRole string
    Service role for accessing resources
    CodeRemediationStrategy PentestCodeRemediationStrategy
    Strategy for code remediation on findings
    ExcludeRiskTypes []PentestRiskType
    A list of risk types excluded from the pentest execution
    LogConfig PentestCloudWatchLogArgs
    CloudWatch logs config
    NetworkTrafficConfig PentestNetworkTrafficConfigArgs
    Configuration for network traffic filtering
    Title string
    Title of the penetration test
    VpcConfig PentestVpcConfigArgs
    VPC configuration that the security testing environment accesses
    agentSpaceId String
    Identifier of agent space where the pentest should be created
    assets PentestAssets
    Collection of assets to be tested or used during the penetration test
    serviceRole String
    Service role for accessing resources
    codeRemediationStrategy PentestCodeRemediationStrategy
    Strategy for code remediation on findings
    excludeRiskTypes List<PentestRiskType>
    A list of risk types excluded from the pentest execution
    logConfig PentestCloudWatchLog
    CloudWatch logs config
    networkTrafficConfig PentestNetworkTrafficConfig
    Configuration for network traffic filtering
    title String
    Title of the penetration test
    vpcConfig PentestVpcConfig
    VPC configuration that the security testing environment accesses
    agentSpaceId string
    Identifier of agent space where the pentest should be created
    assets PentestAssets
    Collection of assets to be tested or used during the penetration test
    serviceRole string
    Service role for accessing resources
    codeRemediationStrategy PentestCodeRemediationStrategy
    Strategy for code remediation on findings
    excludeRiskTypes PentestRiskType[]
    A list of risk types excluded from the pentest execution
    logConfig PentestCloudWatchLog
    CloudWatch logs config
    networkTrafficConfig PentestNetworkTrafficConfig
    Configuration for network traffic filtering
    title string
    Title of the penetration test
    vpcConfig PentestVpcConfig
    VPC configuration that the security testing environment accesses
    agent_space_id str
    Identifier of agent space where the pentest should be created
    assets PentestAssetsArgs
    Collection of assets to be tested or used during the penetration test
    service_role str
    Service role for accessing resources
    code_remediation_strategy PentestCodeRemediationStrategy
    Strategy for code remediation on findings
    exclude_risk_types Sequence[PentestRiskType]
    A list of risk types excluded from the pentest execution
    log_config PentestCloudWatchLogArgs
    CloudWatch logs config
    network_traffic_config PentestNetworkTrafficConfigArgs
    Configuration for network traffic filtering
    title str
    Title of the penetration test
    vpc_config PentestVpcConfigArgs
    VPC configuration that the security testing environment accesses
    agentSpaceId String
    Identifier of agent space where the pentest should be created
    assets Property Map
    Collection of assets to be tested or used during the penetration test
    serviceRole String
    Service role for accessing resources
    codeRemediationStrategy "AUTOMATIC" | "DISABLED"
    Strategy for code remediation on findings
    excludeRiskTypes List<"CROSS_SITE_SCRIPTING" | "DEFAULT_CREDENTIALS" | "INSECURE_DIRECT_OBJECT_REFERENCE" | "PRIVILEGE_ESCALATION" | "SERVER_SIDE_TEMPLATE_INJECTION" | "COMMAND_INJECTION" | "CODE_INJECTION" | "SQL_INJECTION" | "ARBITRARY_FILE_UPLOAD" | "INSECURE_DESERIALIZATION" | "LOCAL_FILE_INCLUSION" | "INFORMATION_DISCLOSURE" | "PATH_TRAVERSAL" | "SERVER_SIDE_REQUEST_FORGERY" | "JSON_WEB_TOKEN_VULNERABILITIES" | "XML_EXTERNAL_ENTITY" | "FILE_DELETION" | "OTHER" | "GRAPHQL_VULNERABILITIES" | "BUSINESS_LOGIC_VULNERABILITIES" | "CRYPTOGRAPHIC_VULNERABILITIES" | "DENIAL_OF_SERVICE" | "FILE_ACCESS" | "FILE_CREATION" | "DATABASE_MODIFICATION" | "DATABASE_ACCESS" | "OUTBOUND_SERVICE_REQUEST" | "UNKNOWN">
    A list of risk types excluded from the pentest execution
    logConfig Property Map
    CloudWatch logs config
    networkTrafficConfig Property Map
    Configuration for network traffic filtering
    title String
    Title of the penetration test
    vpcConfig Property Map
    VPC configuration that the security testing environment accesses

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Pentest resource produces the following output properties:

    CreatedAt string
    Timestamp when the pentest was created
    Id string
    The provider-assigned unique ID for this managed resource.
    PentestId string
    Unique identifier of the pentest
    UpdatedAt string
    Timestamp when the pentest was last updated
    CreatedAt string
    Timestamp when the pentest was created
    Id string
    The provider-assigned unique ID for this managed resource.
    PentestId string
    Unique identifier of the pentest
    UpdatedAt string
    Timestamp when the pentest was last updated
    createdAt String
    Timestamp when the pentest was created
    id String
    The provider-assigned unique ID for this managed resource.
    pentestId String
    Unique identifier of the pentest
    updatedAt String
    Timestamp when the pentest was last updated
    createdAt string
    Timestamp when the pentest was created
    id string
    The provider-assigned unique ID for this managed resource.
    pentestId string
    Unique identifier of the pentest
    updatedAt string
    Timestamp when the pentest was last updated
    created_at str
    Timestamp when the pentest was created
    id str
    The provider-assigned unique ID for this managed resource.
    pentest_id str
    Unique identifier of the pentest
    updated_at str
    Timestamp when the pentest was last updated
    createdAt String
    Timestamp when the pentest was created
    id String
    The provider-assigned unique ID for this managed resource.
    pentestId String
    Unique identifier of the pentest
    updatedAt String
    Timestamp when the pentest was last updated

    Supporting Types

    PentestActor, PentestActorArgs

    An authenticated actor to be used during pentest execution
    Authentication Pulumi.AwsNative.SecurityAgent.Inputs.PentestAuthentication
    Authentication credentials for this actor
    Description string
    Description of the actor
    Identifier string
    Identifier for the actor
    Uris List<string>
    List of URIs this actor is authorized to access
    Authentication PentestAuthentication
    Authentication credentials for this actor
    Description string
    Description of the actor
    Identifier string
    Identifier for the actor
    Uris []string
    List of URIs this actor is authorized to access
    authentication PentestAuthentication
    Authentication credentials for this actor
    description String
    Description of the actor
    identifier String
    Identifier for the actor
    uris List<String>
    List of URIs this actor is authorized to access
    authentication PentestAuthentication
    Authentication credentials for this actor
    description string
    Description of the actor
    identifier string
    Identifier for the actor
    uris string[]
    List of URIs this actor is authorized to access
    authentication PentestAuthentication
    Authentication credentials for this actor
    description str
    Description of the actor
    identifier str
    Identifier for the actor
    uris Sequence[str]
    List of URIs this actor is authorized to access
    authentication Property Map
    Authentication credentials for this actor
    description String
    Description of the actor
    identifier String
    Identifier for the actor
    uris List<String>
    List of URIs this actor is authorized to access

    PentestAssets, PentestAssetsArgs

    Collection of assets to be tested during the pentest
    Actors []PentestActor
    List of actors used during testing
    Documents []PentestDocumentInfo
    List of documents providing additional context for the pentest
    Endpoints []PentestEndpoint
    List of endpoints to test
    IntegratedRepositories []PentestIntegratedRepository
    List of repositories connected via provider integrations
    SourceCode []PentestSourceCodeRepository
    List of source code repositories to analyze
    actors List<PentestActor>
    List of actors used during testing
    documents List<PentestDocumentInfo>
    List of documents providing additional context for the pentest
    endpoints List<PentestEndpoint>
    List of endpoints to test
    integratedRepositories List<PentestIntegratedRepository>
    List of repositories connected via provider integrations
    sourceCode List<PentestSourceCodeRepository>
    List of source code repositories to analyze
    actors PentestActor[]
    List of actors used during testing
    documents PentestDocumentInfo[]
    List of documents providing additional context for the pentest
    endpoints PentestEndpoint[]
    List of endpoints to test
    integratedRepositories PentestIntegratedRepository[]
    List of repositories connected via provider integrations
    sourceCode PentestSourceCodeRepository[]
    List of source code repositories to analyze
    actors Sequence[PentestActor]
    List of actors used during testing
    documents Sequence[PentestDocumentInfo]
    List of documents providing additional context for the pentest
    endpoints Sequence[PentestEndpoint]
    List of endpoints to test
    integrated_repositories Sequence[PentestIntegratedRepository]
    List of repositories connected via provider integrations
    source_code Sequence[PentestSourceCodeRepository]
    List of source code repositories to analyze
    actors List<Property Map>
    List of actors used during testing
    documents List<Property Map>
    List of documents providing additional context for the pentest
    endpoints List<Property Map>
    List of endpoints to test
    integratedRepositories List<Property Map>
    List of repositories connected via provider integrations
    sourceCode List<Property Map>
    List of source code repositories to analyze

    PentestAuthentication, PentestAuthenticationArgs

    Authentication configuration for a pentest actor
    ProviderType Pulumi.AwsNative.SecurityAgent.PentestAuthenticationProviderType
    Type of authentication provider
    Value string
    Reference value for the authentication provider, such as a secret ARN or Lambda ARN
    ProviderType PentestAuthenticationProviderType
    Type of authentication provider
    Value string
    Reference value for the authentication provider, such as a secret ARN or Lambda ARN
    providerType PentestAuthenticationProviderType
    Type of authentication provider
    value String
    Reference value for the authentication provider, such as a secret ARN or Lambda ARN
    providerType PentestAuthenticationProviderType
    Type of authentication provider
    value string
    Reference value for the authentication provider, such as a secret ARN or Lambda ARN
    provider_type PentestAuthenticationProviderType
    Type of authentication provider
    value str
    Reference value for the authentication provider, such as a secret ARN or Lambda ARN
    providerType "SECRETS_MANAGER" | "AWS_LAMBDA" | "AWS_IAM_ROLE" | "AWS_INTERNAL"
    Type of authentication provider
    value String
    Reference value for the authentication provider, such as a secret ARN or Lambda ARN

    PentestAuthenticationProviderType, PentestAuthenticationProviderTypeArgs

    SecretsManager
    SECRETS_MANAGER
    AwsLambda
    AWS_LAMBDA
    AwsIamRole
    AWS_IAM_ROLE
    AwsInternal
    AWS_INTERNAL
    PentestAuthenticationProviderTypeSecretsManager
    SECRETS_MANAGER
    PentestAuthenticationProviderTypeAwsLambda
    AWS_LAMBDA
    PentestAuthenticationProviderTypeAwsIamRole
    AWS_IAM_ROLE
    PentestAuthenticationProviderTypeAwsInternal
    AWS_INTERNAL
    SecretsManager
    SECRETS_MANAGER
    AwsLambda
    AWS_LAMBDA
    AwsIamRole
    AWS_IAM_ROLE
    AwsInternal
    AWS_INTERNAL
    SecretsManager
    SECRETS_MANAGER
    AwsLambda
    AWS_LAMBDA
    AwsIamRole
    AWS_IAM_ROLE
    AwsInternal
    AWS_INTERNAL
    SECRETS_MANAGER
    SECRETS_MANAGER
    AWS_LAMBDA
    AWS_LAMBDA
    AWS_IAM_ROLE
    AWS_IAM_ROLE
    AWS_INTERNAL
    AWS_INTERNAL
    "SECRETS_MANAGER"
    SECRETS_MANAGER
    "AWS_LAMBDA"
    AWS_LAMBDA
    "AWS_IAM_ROLE"
    AWS_IAM_ROLE
    "AWS_INTERNAL"
    AWS_INTERNAL

    PentestCloudWatchLog, PentestCloudWatchLogArgs

    CloudWatch Logs configuration for pentest output
    LogGroup string
    CloudWatch log group
    LogStream string
    CloudWatch log stream
    LogGroup string
    CloudWatch log group
    LogStream string
    CloudWatch log stream
    logGroup String
    CloudWatch log group
    logStream String
    CloudWatch log stream
    logGroup string
    CloudWatch log group
    logStream string
    CloudWatch log stream
    log_group str
    CloudWatch log group
    log_stream str
    CloudWatch log stream
    logGroup String
    CloudWatch log group
    logStream String
    CloudWatch log stream

    PentestCodeRemediationStrategy, PentestCodeRemediationStrategyArgs

    Automatic
    AUTOMATIC
    Disabled
    DISABLED
    PentestCodeRemediationStrategyAutomatic
    AUTOMATIC
    PentestCodeRemediationStrategyDisabled
    DISABLED
    Automatic
    AUTOMATIC
    Disabled
    DISABLED
    Automatic
    AUTOMATIC
    Disabled
    DISABLED
    AUTOMATIC
    AUTOMATIC
    DISABLED
    DISABLED
    "AUTOMATIC"
    AUTOMATIC
    "DISABLED"
    DISABLED

    PentestCustomHeader, PentestCustomHeaderArgs

    A custom header to include in outbound requests
    Name string
    Name of the header
    Value string
    Value of the header
    Name string
    Name of the header
    Value string
    Value of the header
    name String
    Name of the header
    value String
    Value of the header
    name string
    Name of the header
    value string
    Value of the header
    name str
    Name of the header
    value str
    Value of the header
    name String
    Name of the header
    value String
    Value of the header

    PentestDocumentInfo, PentestDocumentInfoArgs

    A document stored in S3 that provides context for the pentest
    ArtifactId string
    Artifact identifier
    S3Location string
    S3 document location
    ArtifactId string
    Artifact identifier
    S3Location string
    S3 document location
    artifactId String
    Artifact identifier
    s3Location String
    S3 document location
    artifactId string
    Artifact identifier
    s3Location string
    S3 document location
    artifact_id str
    Artifact identifier
    s3_location str
    S3 document location
    artifactId String
    Artifact identifier
    s3Location String
    S3 document location

    PentestEndpoint, PentestEndpointArgs

    An endpoint to be tested during the pentest
    Uri string
    URI of the endpoint to test
    Uri string
    URI of the endpoint to test
    uri String
    URI of the endpoint to test
    uri string
    URI of the endpoint to test
    uri str
    URI of the endpoint to test
    uri String
    URI of the endpoint to test

    PentestIntegratedRepository, PentestIntegratedRepositoryArgs

    A repository connected via a provider integration
    IntegrationId string
    Unique identifier of the provider integration
    ProviderResourceId string
    Identifier of the resource within the provider integration
    IntegrationId string
    Unique identifier of the provider integration
    ProviderResourceId string
    Identifier of the resource within the provider integration
    integrationId String
    Unique identifier of the provider integration
    providerResourceId String
    Identifier of the resource within the provider integration
    integrationId string
    Unique identifier of the provider integration
    providerResourceId string
    Identifier of the resource within the provider integration
    integration_id str
    Unique identifier of the provider integration
    provider_resource_id str
    Identifier of the resource within the provider integration
    integrationId String
    Unique identifier of the provider integration
    providerResourceId String
    Identifier of the resource within the provider integration

    PentestNetworkTrafficConfig, PentestNetworkTrafficConfigArgs

    Network traffic configuration for the pentest
    CustomHeaders []PentestCustomHeader
    Custom headers to include in outbound requests
    Rules []PentestNetworkTrafficRule
    Ordered list of network traffic rules
    customHeaders List<PentestCustomHeader>
    Custom headers to include in outbound requests
    rules List<PentestNetworkTrafficRule>
    Ordered list of network traffic rules
    customHeaders PentestCustomHeader[]
    Custom headers to include in outbound requests
    rules PentestNetworkTrafficRule[]
    Ordered list of network traffic rules
    custom_headers Sequence[PentestCustomHeader]
    Custom headers to include in outbound requests
    rules Sequence[PentestNetworkTrafficRule]
    Ordered list of network traffic rules
    customHeaders List<Property Map>
    Custom headers to include in outbound requests
    rules List<Property Map>
    Ordered list of network traffic rules

    PentestNetworkTrafficRule, PentestNetworkTrafficRuleArgs

    Network traffic rule
    Effect Pulumi.AwsNative.SecurityAgent.PentestNetworkTrafficRuleEffect
    Whether to allow or deny traffic matching this rule
    NetworkTrafficRuleType Pulumi.AwsNative.SecurityAgent.PentestNetworkTrafficRuleNetworkTrafficRuleType
    Type of pattern matching for this rule
    Pattern string
    URL pattern this rule applies to
    Effect PentestNetworkTrafficRuleEffect
    Whether to allow or deny traffic matching this rule
    NetworkTrafficRuleType PentestNetworkTrafficRuleNetworkTrafficRuleType
    Type of pattern matching for this rule
    Pattern string
    URL pattern this rule applies to
    effect PentestNetworkTrafficRuleEffect
    Whether to allow or deny traffic matching this rule
    networkTrafficRuleType PentestNetworkTrafficRuleNetworkTrafficRuleType
    Type of pattern matching for this rule
    pattern String
    URL pattern this rule applies to
    effect PentestNetworkTrafficRuleEffect
    Whether to allow or deny traffic matching this rule
    networkTrafficRuleType PentestNetworkTrafficRuleNetworkTrafficRuleType
    Type of pattern matching for this rule
    pattern string
    URL pattern this rule applies to
    effect PentestNetworkTrafficRuleEffect
    Whether to allow or deny traffic matching this rule
    network_traffic_rule_type PentestNetworkTrafficRuleNetworkTrafficRuleType
    Type of pattern matching for this rule
    pattern str
    URL pattern this rule applies to
    effect "ALLOW" | "DENY"
    Whether to allow or deny traffic matching this rule
    networkTrafficRuleType "URL"
    Type of pattern matching for this rule
    pattern String
    URL pattern this rule applies to

    PentestNetworkTrafficRuleEffect, PentestNetworkTrafficRuleEffectArgs

    Allow
    ALLOW
    Deny
    DENY
    PentestNetworkTrafficRuleEffectAllow
    ALLOW
    PentestNetworkTrafficRuleEffectDeny
    DENY
    Allow
    ALLOW
    Deny
    DENY
    Allow
    ALLOW
    Deny
    DENY
    ALLOW
    ALLOW
    DENY
    DENY
    "ALLOW"
    ALLOW
    "DENY"
    DENY

    PentestNetworkTrafficRuleNetworkTrafficRuleType, PentestNetworkTrafficRuleNetworkTrafficRuleTypeArgs

    Url
    URL
    PentestNetworkTrafficRuleNetworkTrafficRuleTypeUrl
    URL
    Url
    URL
    Url
    URL
    URL
    URL
    "URL"
    URL

    PentestRiskType, PentestRiskTypeArgs

    CrossSiteScripting
    CROSS_SITE_SCRIPTING
    DefaultCredentials
    DEFAULT_CREDENTIALS
    InsecureDirectObjectReference
    INSECURE_DIRECT_OBJECT_REFERENCE
    PrivilegeEscalation
    PRIVILEGE_ESCALATION
    ServerSideTemplateInjection
    SERVER_SIDE_TEMPLATE_INJECTION
    CommandInjection
    COMMAND_INJECTION
    CodeInjection
    CODE_INJECTION
    SqlInjection
    SQL_INJECTION
    ArbitraryFileUpload
    ARBITRARY_FILE_UPLOAD
    InsecureDeserialization
    INSECURE_DESERIALIZATION
    LocalFileInclusion
    LOCAL_FILE_INCLUSION
    InformationDisclosure
    INFORMATION_DISCLOSURE
    PathTraversal
    PATH_TRAVERSAL
    ServerSideRequestForgery
    SERVER_SIDE_REQUEST_FORGERY
    JsonWebTokenVulnerabilities
    JSON_WEB_TOKEN_VULNERABILITIES
    XmlExternalEntity
    XML_EXTERNAL_ENTITY
    FileDeletion
    FILE_DELETION
    Other
    OTHER
    GraphqlVulnerabilities
    GRAPHQL_VULNERABILITIES
    BusinessLogicVulnerabilities
    BUSINESS_LOGIC_VULNERABILITIES
    CryptographicVulnerabilities
    CRYPTOGRAPHIC_VULNERABILITIES
    DenialOfService
    DENIAL_OF_SERVICE
    FileAccess
    FILE_ACCESS
    FileCreation
    FILE_CREATION
    DatabaseModification
    DATABASE_MODIFICATION
    DatabaseAccess
    DATABASE_ACCESS
    OutboundServiceRequest
    OUTBOUND_SERVICE_REQUEST
    Unknown
    UNKNOWN
    PentestRiskTypeCrossSiteScripting
    CROSS_SITE_SCRIPTING
    PentestRiskTypeDefaultCredentials
    DEFAULT_CREDENTIALS
    PentestRiskTypeInsecureDirectObjectReference
    INSECURE_DIRECT_OBJECT_REFERENCE
    PentestRiskTypePrivilegeEscalation
    PRIVILEGE_ESCALATION
    PentestRiskTypeServerSideTemplateInjection
    SERVER_SIDE_TEMPLATE_INJECTION
    PentestRiskTypeCommandInjection
    COMMAND_INJECTION
    PentestRiskTypeCodeInjection
    CODE_INJECTION
    PentestRiskTypeSqlInjection
    SQL_INJECTION
    PentestRiskTypeArbitraryFileUpload
    ARBITRARY_FILE_UPLOAD
    PentestRiskTypeInsecureDeserialization
    INSECURE_DESERIALIZATION
    PentestRiskTypeLocalFileInclusion
    LOCAL_FILE_INCLUSION
    PentestRiskTypeInformationDisclosure
    INFORMATION_DISCLOSURE
    PentestRiskTypePathTraversal
    PATH_TRAVERSAL
    PentestRiskTypeServerSideRequestForgery
    SERVER_SIDE_REQUEST_FORGERY
    PentestRiskTypeJsonWebTokenVulnerabilities
    JSON_WEB_TOKEN_VULNERABILITIES
    PentestRiskTypeXmlExternalEntity
    XML_EXTERNAL_ENTITY
    PentestRiskTypeFileDeletion
    FILE_DELETION
    PentestRiskTypeOther
    OTHER
    PentestRiskTypeGraphqlVulnerabilities
    GRAPHQL_VULNERABILITIES
    PentestRiskTypeBusinessLogicVulnerabilities
    BUSINESS_LOGIC_VULNERABILITIES
    PentestRiskTypeCryptographicVulnerabilities
    CRYPTOGRAPHIC_VULNERABILITIES
    PentestRiskTypeDenialOfService
    DENIAL_OF_SERVICE
    PentestRiskTypeFileAccess
    FILE_ACCESS
    PentestRiskTypeFileCreation
    FILE_CREATION
    PentestRiskTypeDatabaseModification
    DATABASE_MODIFICATION
    PentestRiskTypeDatabaseAccess
    DATABASE_ACCESS
    PentestRiskTypeOutboundServiceRequest
    OUTBOUND_SERVICE_REQUEST
    PentestRiskTypeUnknown
    UNKNOWN
    CrossSiteScripting
    CROSS_SITE_SCRIPTING
    DefaultCredentials
    DEFAULT_CREDENTIALS
    InsecureDirectObjectReference
    INSECURE_DIRECT_OBJECT_REFERENCE
    PrivilegeEscalation
    PRIVILEGE_ESCALATION
    ServerSideTemplateInjection
    SERVER_SIDE_TEMPLATE_INJECTION
    CommandInjection
    COMMAND_INJECTION
    CodeInjection
    CODE_INJECTION
    SqlInjection
    SQL_INJECTION
    ArbitraryFileUpload
    ARBITRARY_FILE_UPLOAD
    InsecureDeserialization
    INSECURE_DESERIALIZATION
    LocalFileInclusion
    LOCAL_FILE_INCLUSION
    InformationDisclosure
    INFORMATION_DISCLOSURE
    PathTraversal
    PATH_TRAVERSAL
    ServerSideRequestForgery
    SERVER_SIDE_REQUEST_FORGERY
    JsonWebTokenVulnerabilities
    JSON_WEB_TOKEN_VULNERABILITIES
    XmlExternalEntity
    XML_EXTERNAL_ENTITY
    FileDeletion
    FILE_DELETION
    Other
    OTHER
    GraphqlVulnerabilities
    GRAPHQL_VULNERABILITIES
    BusinessLogicVulnerabilities
    BUSINESS_LOGIC_VULNERABILITIES
    CryptographicVulnerabilities
    CRYPTOGRAPHIC_VULNERABILITIES
    DenialOfService
    DENIAL_OF_SERVICE
    FileAccess
    FILE_ACCESS
    FileCreation
    FILE_CREATION
    DatabaseModification
    DATABASE_MODIFICATION
    DatabaseAccess
    DATABASE_ACCESS
    OutboundServiceRequest
    OUTBOUND_SERVICE_REQUEST
    Unknown
    UNKNOWN
    CrossSiteScripting
    CROSS_SITE_SCRIPTING
    DefaultCredentials
    DEFAULT_CREDENTIALS
    InsecureDirectObjectReference
    INSECURE_DIRECT_OBJECT_REFERENCE
    PrivilegeEscalation
    PRIVILEGE_ESCALATION
    ServerSideTemplateInjection
    SERVER_SIDE_TEMPLATE_INJECTION
    CommandInjection
    COMMAND_INJECTION
    CodeInjection
    CODE_INJECTION
    SqlInjection
    SQL_INJECTION
    ArbitraryFileUpload
    ARBITRARY_FILE_UPLOAD
    InsecureDeserialization
    INSECURE_DESERIALIZATION
    LocalFileInclusion
    LOCAL_FILE_INCLUSION
    InformationDisclosure
    INFORMATION_DISCLOSURE
    PathTraversal
    PATH_TRAVERSAL
    ServerSideRequestForgery
    SERVER_SIDE_REQUEST_FORGERY
    JsonWebTokenVulnerabilities
    JSON_WEB_TOKEN_VULNERABILITIES
    XmlExternalEntity
    XML_EXTERNAL_ENTITY
    FileDeletion
    FILE_DELETION
    Other
    OTHER
    GraphqlVulnerabilities
    GRAPHQL_VULNERABILITIES
    BusinessLogicVulnerabilities
    BUSINESS_LOGIC_VULNERABILITIES
    CryptographicVulnerabilities
    CRYPTOGRAPHIC_VULNERABILITIES
    DenialOfService
    DENIAL_OF_SERVICE
    FileAccess
    FILE_ACCESS
    FileCreation
    FILE_CREATION
    DatabaseModification
    DATABASE_MODIFICATION
    DatabaseAccess
    DATABASE_ACCESS
    OutboundServiceRequest
    OUTBOUND_SERVICE_REQUEST
    Unknown
    UNKNOWN
    CROSS_SITE_SCRIPTING
    CROSS_SITE_SCRIPTING
    DEFAULT_CREDENTIALS
    DEFAULT_CREDENTIALS
    INSECURE_DIRECT_OBJECT_REFERENCE
    INSECURE_DIRECT_OBJECT_REFERENCE
    PRIVILEGE_ESCALATION
    PRIVILEGE_ESCALATION
    SERVER_SIDE_TEMPLATE_INJECTION
    SERVER_SIDE_TEMPLATE_INJECTION
    COMMAND_INJECTION
    COMMAND_INJECTION
    CODE_INJECTION
    CODE_INJECTION
    SQL_INJECTION
    SQL_INJECTION
    ARBITRARY_FILE_UPLOAD
    ARBITRARY_FILE_UPLOAD
    INSECURE_DESERIALIZATION
    INSECURE_DESERIALIZATION
    LOCAL_FILE_INCLUSION
    LOCAL_FILE_INCLUSION
    INFORMATION_DISCLOSURE
    INFORMATION_DISCLOSURE
    PATH_TRAVERSAL
    PATH_TRAVERSAL
    SERVER_SIDE_REQUEST_FORGERY
    SERVER_SIDE_REQUEST_FORGERY
    JSON_WEB_TOKEN_VULNERABILITIES
    JSON_WEB_TOKEN_VULNERABILITIES
    XML_EXTERNAL_ENTITY
    XML_EXTERNAL_ENTITY
    FILE_DELETION
    FILE_DELETION
    OTHER
    OTHER
    GRAPHQL_VULNERABILITIES
    GRAPHQL_VULNERABILITIES
    BUSINESS_LOGIC_VULNERABILITIES
    BUSINESS_LOGIC_VULNERABILITIES
    CRYPTOGRAPHIC_VULNERABILITIES
    CRYPTOGRAPHIC_VULNERABILITIES
    DENIAL_OF_SERVICE
    DENIAL_OF_SERVICE
    FILE_ACCESS
    FILE_ACCESS
    FILE_CREATION
    FILE_CREATION
    DATABASE_MODIFICATION
    DATABASE_MODIFICATION
    DATABASE_ACCESS
    DATABASE_ACCESS
    OUTBOUND_SERVICE_REQUEST
    OUTBOUND_SERVICE_REQUEST
    UNKNOWN
    UNKNOWN
    "CROSS_SITE_SCRIPTING"
    CROSS_SITE_SCRIPTING
    "DEFAULT_CREDENTIALS"
    DEFAULT_CREDENTIALS
    "INSECURE_DIRECT_OBJECT_REFERENCE"
    INSECURE_DIRECT_OBJECT_REFERENCE
    "PRIVILEGE_ESCALATION"
    PRIVILEGE_ESCALATION
    "SERVER_SIDE_TEMPLATE_INJECTION"
    SERVER_SIDE_TEMPLATE_INJECTION
    "COMMAND_INJECTION"
    COMMAND_INJECTION
    "CODE_INJECTION"
    CODE_INJECTION
    "SQL_INJECTION"
    SQL_INJECTION
    "ARBITRARY_FILE_UPLOAD"
    ARBITRARY_FILE_UPLOAD
    "INSECURE_DESERIALIZATION"
    INSECURE_DESERIALIZATION
    "LOCAL_FILE_INCLUSION"
    LOCAL_FILE_INCLUSION
    "INFORMATION_DISCLOSURE"
    INFORMATION_DISCLOSURE
    "PATH_TRAVERSAL"
    PATH_TRAVERSAL
    "SERVER_SIDE_REQUEST_FORGERY"
    SERVER_SIDE_REQUEST_FORGERY
    "JSON_WEB_TOKEN_VULNERABILITIES"
    JSON_WEB_TOKEN_VULNERABILITIES
    "XML_EXTERNAL_ENTITY"
    XML_EXTERNAL_ENTITY
    "FILE_DELETION"
    FILE_DELETION
    "OTHER"
    OTHER
    "GRAPHQL_VULNERABILITIES"
    GRAPHQL_VULNERABILITIES
    "BUSINESS_LOGIC_VULNERABILITIES"
    BUSINESS_LOGIC_VULNERABILITIES
    "CRYPTOGRAPHIC_VULNERABILITIES"
    CRYPTOGRAPHIC_VULNERABILITIES
    "DENIAL_OF_SERVICE"
    DENIAL_OF_SERVICE
    "FILE_ACCESS"
    FILE_ACCESS
    "FILE_CREATION"
    FILE_CREATION
    "DATABASE_MODIFICATION"
    DATABASE_MODIFICATION
    "DATABASE_ACCESS"
    DATABASE_ACCESS
    "OUTBOUND_SERVICE_REQUEST"
    OUTBOUND_SERVICE_REQUEST
    "UNKNOWN"
    UNKNOWN

    PentestSourceCodeRepository, PentestSourceCodeRepositoryArgs

    A source code archive stored in S3 for analysis during the pentest
    S3Location string
    S3 source code location
    S3Location string
    S3 source code location
    s3Location String
    S3 source code location
    s3Location string
    S3 source code location
    s3_location str
    S3 source code location
    s3Location String
    S3 source code location

    PentestVpcConfig, PentestVpcConfigArgs

    VPC configuration that the pentest agent accesses
    SecurityGroupArns List<string>
    List of security groups in the VPC
    SubnetArns List<string>
    List of subnets in the VPC
    VpcArn string
    SecurityGroupArns []string
    List of security groups in the VPC
    SubnetArns []string
    List of subnets in the VPC
    VpcArn string
    securityGroupArns List<String>
    List of security groups in the VPC
    subnetArns List<String>
    List of subnets in the VPC
    vpcArn String
    securityGroupArns string[]
    List of security groups in the VPC
    subnetArns string[]
    List of subnets in the VPC
    vpcArn string
    security_group_arns Sequence[str]
    List of security groups in the VPC
    subnet_arns Sequence[str]
    List of subnets in the VPC
    vpc_arn str
    securityGroupArns List<String>
    List of security groups in the VPC
    subnetArns List<String>
    List of subnets in the VPC
    vpcArn String

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    Viewing docs for AWS Cloud Control v1.62.0
    published on Monday, Apr 20, 2026 by Pulumi
    Schema (JSON)
    pulumi/pulumi-aws-native
      Try Pulumi Cloud free. Your team will thank you.