Amazon CodeGuru Security

Amazon CodeGuru Security is a static application security testing (SAST) service that uses machine learning to detect security vulnerabilities in your code. It identifies vulnerabilities such as injection flaws, data exposure risks, and infrastructure-as-code misconfigurations, and provides actionable remediation guidance to help developers fix security issues quickly.

1 APIs 5 Features
AmazonSecuritySASTCode AnalysisDevSecOpsDeveloper Tools

APIs

Amazon CodeGuru Security API

The Amazon CodeGuru Security REST API.

MCP Servers

Features

Static Application Security Testing

Analyze source code for security vulnerabilities without running the application using machine learning-powered SAST.

Multi-Language Support

Detect security issues in Java, Python, JavaScript, TypeScript, C, C++, C#, Go, Ruby, and Kotlin code.

Infrastructure-as-Code Scanning

Detect security misconfigurations in CloudFormation, Terraform, CDK, and other IaC templates.

Severity Classification

Classify findings by severity (Critical, High, Medium, Low, Informational) to help prioritize remediation.

Remediation Guidance

Provide detailed remediation recommendations including suggested code fixes for each identified vulnerability.

Use Cases

DevSecOps Integration

Integrate security scanning into CI/CD pipelines to detect vulnerabilities before code reaches production.

Security Audit and Compliance

Run security scans on existing codebases to identify and remediate vulnerabilities for compliance audits.

IaC Security Validation

Scan infrastructure-as-code templates for security misconfigurations before provisioning cloud resources.

Integrations

AWS CodeBuild

Run security scans as part of CodeBuild build projects for CI/CD integration.

GitHub Actions

Add CodeGuru Security scanning to GitHub Actions workflows.

AWS Security Hub

Send security findings to Security Hub for centralized security management.

Amazon S3

Store and retrieve code bundles for security scanning from S3.

Semantic Vocabularies

Amazon Codeguru Security Context

49 classes · 70 properties

JSON-LD

API Governance Rules

Amazon CodeGuru Security API Rules

10 rules · 5 errors 4 warnings 1 info

SPECTRAL

JSON Structure

Amazon Codeguru Security Code Line Structure

2 properties

JSON STRUCTURE

Amazon Codeguru Security Double Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Error Code Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security File Path Structure

5 properties

JSON STRUCTURE

Amazon Codeguru Security Finding Structure

16 properties

JSON STRUCTURE

Amazon Codeguru Security Findings Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Header Key Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Integer Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Long Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Next Token Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Resource Structure

2 properties

JSON STRUCTURE

Amazon Codeguru Security S3 Url Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Scan Name Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Scan State Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Scan Type Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Severity Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Status Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security String Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Tag Key Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Tag Map Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Tag Value Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Timestamp Structure

0 properties

JSON STRUCTURE

Amazon Codeguru Security Uuid Structure

0 properties

JSON STRUCTURE

Example Payloads

Resources

🔗
TrustCenter
TrustCenter
🔗
VulnerabilityDisclosure
VulnerabilityDisclosure
🔗
DomainSecurity
DomainSecurity
🔑
Authentication
Authentication
🚀
GettingStarted
GettingStarted
💰
Pricing
Pricing
🌐
Console
Console
🌐
Portal
Portal
🔗
Documentation
Documentation
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
🟢
StatusPage
StatusPage
📰
Blog
Blog
📝
SignUp
SignUp
👥
GitHubOrganization
GitHubOrganization
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary
🔗
JSONLD
JSONLD
🔗
WellKnown
WellKnown
🔗
MCPServer
MCPServer
🔗
LLMsTxt
LLMsTxt
🔗
Conformance
Conformance
🔗
ErrorCatalog
ErrorCatalog
🔗
Lifecycle
Lifecycle

Sources

Raw ↑
aid: amazon-codeguru-security
name: Amazon CodeGuru Security
description: Amazon CodeGuru Security is a static application security testing (SAST) service that uses machine learning to
  detect security vulnerabilities in your code. It identifies vulnerabilities such as injection flaws, data exposure risks,
  and infrastructure-as-code misconfigurations, and provides actionable remediation guidance to help developers fix security
  issues quickly.
type: Index
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
tags:
- Amazon
- AWS
- Security
- SAST
- Code Analysis
- DevSecOps
- Developer Tools
url: https://raw.githubusercontent.com/api-evangelist/amazon-codeguru-security/refs/heads/main/apis.yml
created: '2026-03-16'
modified: '2026-06-20'
specificationVersion: '0.19'
apis:
- aid: amazon-codeguru-security:amazon-codeguru-security-api
  name: Amazon CodeGuru Security API
  description: The Amazon CodeGuru Security REST API.
  humanURL: https://docs.aws.amazon.com/codeguru/latest/security-api/Welcome.html
  baseURL: https://codeguru-security.us-east-1.amazonaws.com
  tags:
  - Amazon
  - AWS
  - Security
  - SAST
  - Code Analysis
  properties:
  - type: Documentation
    url: https://docs.aws.amazon.com/codegurusecurity/
  - type: APIReference
    url: https://docs.aws.amazon.com/codeguru/latest/security-api/Welcome.html
  - type: OpenAPI
    url: openapi/amazon-codeguru-security-openapi-original.yaml
  - type: Packages
    url: packages/amazon-codeguru-security-packages.yml
  - type: Overlay
    url: overlays/amazon-codeguru-security-openapi-overlay.yaml
common:
- type: TrustCenter
  url: security/amazon-codeguru-security-trust-center.yml
- type: VulnerabilityDisclosure
  url: security/amazon-codeguru-security-vulnerability-disclosure.yml
- type: DomainSecurity
  url: security/amazon-codeguru-security-domain-security.yml
- type: Authentication
  url: authentication/amazon-codeguru-security-authentication.yml
- type: GettingStarted
  url: https://docs.aws.amazon.com/codeguru/security
- type: Pricing
  url: https://aws.amazon.com/codegurusecurity/pricing/
- type: Console
  url: https://console.aws.amazon.com/codegurusecurity/
- type: Portal
  url: https://aws.amazon.com/codegurusecurity/
- type: Documentation
  url: https://docs.aws.amazon.com/codegurusecurity/
- type: TermsOfService
  url: https://aws.amazon.com/service-terms/
- type: PrivacyPolicy
  url: https://aws.amazon.com/privacy/
- type: StatusPage
  url: https://health.aws.amazon.com/health/status
- type: Blog
  url: https://aws.amazon.com/blogs/devops/
- type: SignUp
  url: https://portal.aws.amazon.com/gp/aws/developer/registration/index.html
- type: GitHubOrganization
  url: https://github.com/aws
- type: SpectralRules
  url: rules/amazon-codeguru-security-spectral-rules.yml
- type: Vocabulary
  url: vocabulary/amazon-codeguru-security-vocabulary.yaml
- type: JSONLD
  url: json-ld/amazon-codeguru-security-context.jsonld
- type: WellKnown
  url: well-known/amazon-codeguru-security-well-known.yml
- type: MCPServer
  url: mcp/amazon-codeguru-security-mcp.yml
- type: LLMsTxt
  url: llms/amazon-codeguru-security-llms.txt
- type: Conformance
  url: conformance/amazon-codeguru-security-conformance.yml
- type: ErrorCatalog
  url: errors/amazon-codeguru-security-problem-types.yml
- type: Lifecycle
  url: lifecycle/amazon-codeguru-security-lifecycle.yml
- type: Features
  data:
  - name: Static Application Security Testing
    description: Analyze source code for security vulnerabilities without running the application using machine learning-powered
      SAST.
  - name: Multi-Language Support
    description: Detect security issues in Java, Python, JavaScript, TypeScript, C, C++, C#, Go, Ruby, and Kotlin code.
  - name: Infrastructure-as-Code Scanning
    description: Detect security misconfigurations in CloudFormation, Terraform, CDK, and other IaC templates.
  - name: Severity Classification
    description: Classify findings by severity (Critical, High, Medium, Low, Informational) to help prioritize remediation.
  - name: Remediation Guidance
    description: Provide detailed remediation recommendations including suggested code fixes for each identified vulnerability.
- type: UseCases
  data:
  - name: DevSecOps Integration
    description: Integrate security scanning into CI/CD pipelines to detect vulnerabilities before code reaches production.
  - name: Security Audit and Compliance
    description: Run security scans on existing codebases to identify and remediate vulnerabilities for compliance audits.
  - name: IaC Security Validation
    description: Scan infrastructure-as-code templates for security misconfigurations before provisioning cloud resources.
- type: Integrations
  data:
  - name: AWS CodeBuild
    description: Run security scans as part of CodeBuild build projects for CI/CD integration.
  - name: GitHub Actions
    description: Add CodeGuru Security scanning to GitHub Actions workflows.
  - name: AWS Security Hub
    description: Send security findings to Security Hub for centralized security management.
  - name: Amazon S3
    description: Store and retrieve code bundles for security scanning from S3.
maintainers:
- FN: Kin Lane
  email: kin@apievangelist.com