/AWS1/IF_SAG=>CREATEPENTEST()

About CreatePentest

Creates a new pentest configuration

Method Signature

METHODS /AWS1/IF_SAG~CREATEPENTEST
  IMPORTING
    !IV_TITLE TYPE /AWS1/SAGSTRING OPTIONAL
    !IV_AGENTSPACEID TYPE /AWS1/SAGSTRING OPTIONAL
    !IO_ASSETS TYPE REF TO /AWS1/CL_SAGASSETS OPTIONAL
    !IT_EXCLUDERISKTYPES TYPE /AWS1/CL_SAGRISKTYPELIST_W=>TT_RISKTYPELIST OPTIONAL
    !IV_SERVICEROLE TYPE /AWS1/SAGSERVICEROLE OPTIONAL
    !IO_LOGCONFIG TYPE REF TO /AWS1/CL_SAGCLOUDWATCHLOG OPTIONAL
    !IO_VPCCONFIG TYPE REF TO /AWS1/CL_SAGVPCCONFIG OPTIONAL
    !IO_NETWORKTRAFFICCONFIG TYPE REF TO /AWS1/CL_SAGNETWORKTRAFCONFIG OPTIONAL
    !IV_CODEREMEDIATIONSTRATEGY TYPE /AWS1/SAGCODEREMEDSTRATEGY OPTIONAL
  RETURNING
    VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_sagcreatepntstoutput
  RAISING
    /AWS1/CX_SAGCLIENTEXC
    /AWS1/CX_SAGSERVEREXC
    /AWS1/CX_RT_TECHNICAL_GENERIC
    /AWS1/CX_RT_SERVICE_GENERIC.

IMPORTING

Required arguments:

iv_title TYPE /AWS1/SAGSTRING

Title of the pentest

iv_agentspaceid TYPE /AWS1/SAGSTRING

ID of the agent space where the pentest should be created

Optional arguments:

io_assets TYPE REF TO /AWS1/CL_SAGASSETS

Assets to be tested during the pentest

it_excluderisktypes TYPE /AWS1/CL_SAGRISKTYPELIST_W=>TT_RISKTYPELIST

A list of risk types excluded from the pentest execution

iv_servicerole TYPE /AWS1/SAGSERVICEROLE

Service role ARN for accessing customer resources

io_logconfig TYPE REF TO /AWS1/CL_SAGCLOUDWATCHLOG

CloudWatch log group and stream prefix where pentest execution logs are stored

io_vpcconfig TYPE REF TO /AWS1/CL_SAGVPCCONFIG

VPC configuration that the Security Agent accesses

io_networktrafficconfig TYPE REF TO /AWS1/CL_SAGNETWORKTRAFCONFIG

Configuration for network traffic filtering

iv_coderemediationstrategy TYPE /AWS1/SAGCODEREMEDSTRATEGY

Strategy for code remediation on findings

RETURNING

oo_output TYPE REF TO /AWS1/CL_SAGCREATEPNTSTOUTPUT

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate: for example, the value "string" may be provided for something that is intended to be an instance ID, and in some cases two arguments may be mutually exclusive. The example shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->createpentest(
  io_assets = new /aws1/cl_sagassets(
    it_actors = VALUE /aws1/cl_sagactor=>tt_actorlist(
      (
        new /aws1/cl_sagactor(
          io_authentication = new /aws1/cl_sagauthentication(
            iv_providertype = |string|
            iv_value = |string|
          )
          it_uris = VALUE /aws1/cl_sagurilist_w=>tt_urilist(
            ( new /aws1/cl_sagurilist_w( |string| ) )
          )
          iv_description = |string|
          iv_identifier = |string|
        )
      )
    )
    it_documents = VALUE /aws1/cl_sagdocumentinfo=>tt_documentlist(
      (
        new /aws1/cl_sagdocumentinfo(
          iv_artifactid = |string|
          iv_s3location = |string|
        )
      )
    )
    it_endpoints = VALUE /aws1/cl_sagendpoint=>tt_endpointlist(
      ( new /aws1/cl_sagendpoint( |string| ) )
    )
    it_integratedrepositories = VALUE /aws1/cl_sagintgrtdrepository=>tt_integratedrepositorylist(
      (
        new /aws1/cl_sagintgrtdrepository(
          iv_integrationid = |string|
          iv_providerresourceid = |string|
        )
      )
    )
    it_sourcecode = VALUE /aws1/cl_sagsourcecoderepo=>tt_sourcecoderepositorylist(
      ( new /aws1/cl_sagsourcecoderepo( |string| ) )
    )
  )
  io_logconfig = new /aws1/cl_sagcloudwatchlog(
    iv_loggroup = |string|
    iv_logstream = |string|
  )
  io_networktrafficconfig = new /aws1/cl_sagnetworktrafconfig(
    it_customheaders = VALUE /aws1/cl_sagcustomheader=>tt_customheaderlist(
      (
        new /aws1/cl_sagcustomheader(
          iv_name = |string|
          iv_value = |string|
        )
      )
    )
    it_rules = VALUE /aws1/cl_sagnetworktrafficrule=>tt_networktrafficrulelist(
      (
        new /aws1/cl_sagnetworktrafficrule(
          iv_effect = |string|
          iv_networktrafficruletype = |string|
          iv_pattern = |string|
        )
      )
    )
  )
  io_vpcconfig = new /aws1/cl_sagvpcconfig(
    it_securitygrouparns = VALUE /aws1/cl_sagsecgrouparns_w=>tt_securitygrouparns(
      ( new /aws1/cl_sagsecgrouparns_w( |string| ) )
    )
    it_subnetarns = VALUE /aws1/cl_sagsubnetarns_w=>tt_subnetarns(
      ( new /aws1/cl_sagsubnetarns_w( |string| ) )
    )
    iv_vpcarn = |string|
  )
  it_excluderisktypes = VALUE /aws1/cl_sagrisktypelist_w=>tt_risktypelist(
    ( new /aws1/cl_sagrisktypelist_w( |string| ) )
  )
  iv_agentspaceid = |string|
  iv_coderemediationstrategy = |string|
  iv_servicerole = |string|
  iv_title = |string|
).

This is an example of reading all possible response values:

IF lo_result IS NOT INITIAL.
  lv_string = lo_result->get_pentestid( ).
  lv_string = lo_result->get_title( ).
  lv_timestamp = lo_result->get_createdat( ).
  lv_timestamp = lo_result->get_updatedat( ).
  lo_assets = lo_result->get_assets( ).
  IF lo_assets IS NOT INITIAL.
    LOOP AT lo_assets->get_endpoints( ) into lo_row.
      lo_row_1 = lo_row.
      IF lo_row_1 IS NOT INITIAL.
        lv_string = lo_row_1->get_uri( ).
      ENDIF.
    ENDLOOP.
    LOOP AT lo_assets->get_actors( ) into lo_row_2.
      lo_row_3 = lo_row_2.
      IF lo_row_3 IS NOT INITIAL.
        lv_string = lo_row_3->get_identifier( ).
        LOOP AT lo_row_3->get_uris( ) into lo_row_4.
          lo_row_5 = lo_row_4.
          IF lo_row_5 IS NOT INITIAL.
            lv_string = lo_row_5->get_value( ).
          ENDIF.
        ENDLOOP.
        lo_authentication = lo_row_3->get_authentication( ).
        IF lo_authentication IS NOT INITIAL.
          lv_authenticationprovidert = lo_authentication->get_providertype( ).
          lv_string = lo_authentication->get_value( ).
        ENDIF.
        lv_string = lo_row_3->get_description( ).
      ENDIF.
    ENDLOOP.
    LOOP AT lo_assets->get_documents( ) into lo_row_6.
      lo_row_7 = lo_row_6.
      IF lo_row_7 IS NOT INITIAL.
        lv_string = lo_row_7->get_s3location( ).
        lv_string = lo_row_7->get_artifactid( ).
      ENDIF.
    ENDLOOP.
    LOOP AT lo_assets->get_sourcecode( ) into lo_row_8.
      lo_row_9 = lo_row_8.
      IF lo_row_9 IS NOT INITIAL.
        lv_string = lo_row_9->get_s3location( ).
      ENDIF.
    ENDLOOP.
    LOOP AT lo_assets->get_integratedrepositories( ) into lo_row_10.
      lo_row_11 = lo_row_10.
      IF lo_row_11 IS NOT INITIAL.
        lv_string = lo_row_11->get_integrationid( ).
        lv_string = lo_row_11->get_providerresourceid( ).
      ENDIF.
    ENDLOOP.
  ENDIF.
  LOOP AT lo_result->get_excluderisktypes( ) into lo_row_12.
    lo_row_13 = lo_row_12.
    IF lo_row_13 IS NOT INITIAL.
      lv_risktype = lo_row_13->get_value( ).
    ENDIF.
  ENDLOOP.
  lv_servicerole = lo_result->get_servicerole( ).
  lo_cloudwatchlog = lo_result->get_logconfig( ).
  IF lo_cloudwatchlog IS NOT INITIAL.
    lv_string = lo_cloudwatchlog->get_loggroup( ).
    lv_string = lo_cloudwatchlog->get_logstream( ).
  ENDIF.
  lv_string = lo_result->get_agentspaceid( ).
ENDIF.
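
A call limited to one endpoint, with execution logging and explicit error handling, as an added example that is not part of the SDK documentation. The wrapper class lcl_pentest_helper, its parameter set and the |pentest| stream prefix are assumptions of this example, and io_client is an already-created /AWS1/IF_SAG client. The wrapper checks the two required arguments itself because the method signature declares them OPTIONAL, and it handles each exception class from the RAISING clause.

```abap
" Added example: lcl_pentest_helper and all literal values are constructed.
CLASS lcl_pentest_helper DEFINITION.
  PUBLIC SECTION.
    CLASS-METHODS create_pentest
      IMPORTING io_client       TYPE REF TO /aws1/if_sag
                iv_title        TYPE /aws1/sagstring
                iv_agentspaceid TYPE /aws1/sagstring
                iv_endpoint     TYPE /aws1/sagstring
                iv_servicerole  TYPE /aws1/sagservicerole
                iv_loggroup     TYPE /aws1/sagstring
      EXPORTING ev_pentestid    TYPE /aws1/sagstring
                ev_error        TYPE string.
ENDCLASS.

CLASS lcl_pentest_helper IMPLEMENTATION.
  METHOD create_pentest.
    DATA lo_ex TYPE REF TO cx_root.
    CLEAR: ev_pentestid, ev_error.
    " Both arguments are OPTIONAL in the signature, so the compiler does
    " not enforce what the reference lists as required.
    IF iv_title IS INITIAL OR iv_agentspaceid IS INITIAL.
      ev_error = |iv_title and iv_agentspaceid are required|.
      RETURN.
    ENDIF.
    TRY.
        DATA(lo_result) = io_client->createpentest(
          iv_title        = iv_title
          iv_agentspaceid = iv_agentspaceid
          iv_servicerole  = iv_servicerole
          " Scope: exactly one endpoint is handed over as an asset.
          io_assets       = NEW /aws1/cl_sagassets(
            it_endpoints = VALUE /aws1/cl_sagendpoint=>tt_endpointlist(
              ( NEW /aws1/cl_sagendpoint( iv_endpoint ) ) ) )
          " Execution logs go to this CloudWatch log group.
          io_logconfig    = NEW /aws1/cl_sagcloudwatchlog(
            iv_loggroup  = iv_loggroup
            iv_logstream = |pentest| ) ).
        IF lo_result IS BOUND.
          ev_pentestid = lo_result->get_pentestid( ).
        ENDIF.
      CATCH /aws1/cx_sagclientexc INTO lo_ex.
        ev_error = |Client error: { lo_ex->get_text( ) }|.
      CATCH /aws1/cx_sagserverexc INTO lo_ex.
        ev_error = |Server error: { lo_ex->get_text( ) }|.
      CATCH /aws1/cx_rt_service_generic /aws1/cx_rt_technical_generic INTO lo_ex.
        ev_error = |SDK error: { lo_ex->get_text( ) }|.
    ENDTRY.
  ENDMETHOD.
ENDCLASS.
```

The caller treats a non-initial ev_error as failure, and should keep ev_pentestid together with the endpoint and service role that were passed in, so the scope of each pentest can be reviewed later.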