Security Agent sourceCode requires ZIP archive, documents accepts raw files
1 min read
Security Agent has two ways to provide source code — sourceCode and documents — but they have different input format requirements.
Pointing sourceCode at a raw .py file on S3:
ValidationException: Source code S3 URL must point to a ZIP archive.
The provided URL appears to be a folder/prefix:
https://bucket.s3.amazonaws.com/app.py.
Please compress your code into a ZIP file (e.g., app.py.zip)ZIP it first:
zip app.zip app.py
aws s3 cp app.zip s3://bucket/app.zip
aws securityagent update-pentest --assets '{"sourceCode": [{"s3Location": "s3://bucket/app.zip"}]}'Meanwhile documents accepts raw files directly:
aws securityagent update-pentest --assets '{"documents": [{"s3Location": "s3://bucket/app.py"}]}'sourceCode is for static analysis (CODE SCANNER), documents is for test context — different purposes, different input formats.
