awsdocs
diff --git a/‎scenarios/basics/guardduty/SPECIFICATION.md‎
Lines changed: 87 additions & 0 deletions b/‎scenarios/basics/guardduty/SPECIFICATION.md‎
Lines changed: 87 additions & 0 deletions
diff --git a/‎scenarios/basics/inspector/SPECIFICATION.md‎
Lines changed: 89 additions & 0 deletions b/‎scenarios/basics/inspector/SPECIFICATION.md‎
Lines changed: 89 additions & 0 deletions
diff --git a/‎steering_docs/dotnet-tech.md‎
Lines changed: 200 additions & 0 deletions b/‎steering_docs/dotnet-tech.md‎
Lines changed: 200 additions & 0 deletions
@@ -0,0 +1,87 @@
+# Amazon GuardDuty Specification
+
+This document contains a draft proposal for a Code Example for *Amazon GuardDuty Basics Scenario*, generated by the Code Examples SpecGen AI tool. The specifications describe a potential code example scenario based on research, usage data, service information, and AI-assistance. The following should be reviewed for accuracy and correctness before proceeding on to a final specification.
+
+### Relevant documentation
+
+* [Getting started with GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_settingup.html)
+* [What is Amazon GuardDuty?](https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html)
+* [Amazon GuardDuty API Reference](https://docs.aws.amazon.com/guardduty/latest/APIReference/Welcome.html)
+* [GuardDuty Pricing](https://aws.amazon.com/guardduty/pricing/)
+
+### API Actions Used
+
+* [CreateDetector](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateDetector.html)
+* [GetDetector](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetDetector.html)
+* [ListDetectors](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html)
+* [CreateSampleFindings](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_CreateSampleFindings.html)
+* [ListFindings](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListFindings.html)
+* [GetFindings](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetFindings.html)
+* [DeleteDetector](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteDetector.html)
+
+## Proposed example structure
+
+The details below describe how this example would run for the customer. It includes a Hello service example (included for all services), and the scenario details. The scenario code would also be presented as Action snippets, with a code snippet for each SDK action.
+
+### Hello
+
+The Hello example is a separate runnable example. - Set up the GuardDuty service client - Check if GuardDuty is available in the current region - List any existing detectors
+
+## Scenario
+
+#### Setup
+
+* Create a GuardDuty detector to enable threat detection
+* Verify the detector is successfully created and active
+* Display detector configuration and status
+
+#### Sample Findings Generation
+
+* Generate sample findings to demonstrate GuardDuty capabilities
+* List the generated sample findings
+* Display finding details including severity and type
+
+#### Findings Management
+
+* Retrieve detailed information about specific findings
+* Filter findings by severity level
+* Display finding metadata and threat information
+
+#### Cleanup
+
+* Archive or acknowledge sample findings
+* Optionally disable the detector (with user confirmation)
+* Clean up resources created during the example
+
+## Errors
+
+SDK Code examples include basic exception handling for each action used. The table below describes an appropriate exception which will be handled in the code for each service action.
+
+|Action	|Error	|Handling	|
+|---	|---	|---	|
+|`CreateDetector`	|BadRequestException	|Validate input parameters and notify user of invalid configuration.	|
+|`CreateDetector`	|InternalServerErrorException	|Retry operation with exponential backoff.	|
+|`GetDetector`	|BadRequestException	|Validate detector ID format and existence.	|
+|`GetDetector`	|InternalServerErrorException	|Retry operation and handle service unavailability.	|
+|`ListDetectors`	|BadRequestException	|Validate pagination parameters and retry.	|
+|`ListDetectors`	|InternalServerErrorException	|Handle service errors gracefully.	|
+|`CreateSampleFindings`	|BadRequestException	|Validate detector ID and finding types.	|
+|`CreateSampleFindings`	|InternalServerErrorException	|Retry sample finding generation.	|
+|`ListFindings`	|BadRequestException	|Validate finding criteria and pagination.	|
+|`GetFindings`	|BadRequestException	|Validate finding IDs format.	|
+|`DeleteDetector`	|BadRequestException	|Confirm detector exists before deletion.	|
+|`DeleteDetector`	|InternalServerErrorException	|Handle deletion failures gracefully.	|
+
+## Metadata
+
+|action / scenario	|metadata file	|metadata key	|
+|---	|---	|---	|
+|`CreateDetector`	|guardduty_metadata.yaml	|guardduty_CreateDetector	|
+|`GetDetector`	|guardduty_metadata.yaml	|guardduty_GetDetector	|
+|`ListDetectors`	|guardduty_metadata.yaml	|guardduty_ListDetectors	|
+|`CreateSampleFindings`	|guardduty_metadata.yaml	|guardduty_CreateSampleFindings	|
+|`ListFindings`	|guardduty_metadata.yaml	|guardduty_ListFindings	|
+|`GetFindings`	|guardduty_metadata.yaml	|guardduty_GetFindings	|
+|`DeleteDetector`	|guardduty_metadata.yaml	|guardduty_DeleteDetector	|
+|`Amazon GuardDuty Basics Scenario`	|guardduty_metadata.yaml	|guardduty_Scenario	|
+
@@ -0,0 +1,89 @@
+# Amazon Inspector Specification
+
+This document contains a draft proposal for an *Amazon Inspector Basics Scenario*, generated by the Code Examples SpecGen AI tool. The specifications describe a potential code example scenario based on research, usage data, service information, and AI-assistance. The following should be reviewed for accuracy and correctness before proceeding on to a final specification.
+
+### Relevant documentation
+
+* [Getting started with Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/getting_started.html)
+* [What is Amazon Inspector?](https://docs.aws.amazon.com/inspector/latest/user/what-is-inspector.html)
+* [Amazon Inspector API Reference](https://docs.aws.amazon.com/inspector/v2/APIReference/Welcome.html)
+* [Amazon Inspector Pricing](https://aws.amazon.com/inspector/pricing/)
+
+### API Actions Used
+
+* [Enable](https://docs.aws.amazon.com/inspector/v2/APIReference/API_Enable.html)
+* [BatchGetAccountStatus](https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetAccountStatus.html)
+* [ListFindings](https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListFindings.html)
+* [BatchGetFindingDetails](https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetFindingDetails.html)
+* [ListCoverage](https://docs.aws.amazon.com/inspector/v2/APIReference/API_ListCoverage.html)
+* [Disable](https://docs.aws.amazon.com/inspector/v2/APIReference/API_Disable.html)
+
+## Proposed example structure
+
+The output below demonstrates how this example would run for the customer. It includes a Hello service example (included for all services), and the scenario description. The scenario code would also be presented as Action snippets, with a code snippet for each SDK action.
+
+### Hello
+
+The Hello example is a separate runnable example. - Set up the Inspector service client - Check the current account status for Inspector - Display available scan types and regions
+
+## Scenario
+
+#### Setup
+
+* Enable Amazon Inspector for the account
+* Verify Inspector is successfully activated
+* Display account status and enabled scan types
+
+#### Coverage Assessment
+
+* List coverage statistics for EC2 instances, ECR repositories, and Lambda functions
+* Display resource coverage details
+* Show scanning status for different resource types
+
+#### Findings Management
+
+* List security findings across all resource types
+* Filter findings by severity level (CRITICAL, HIGH, MEDIUM, LOW)
+* Retrieve detailed information for specific findings
+
+#### Vulnerability Analysis
+
+* Display vulnerability details including CVE information
+* Show affected resources and remediation guidance
+* Filter findings by resource type (EC2, ECR, Lambda)
+
+#### Cleanup
+
+* Optionally disable Inspector scanning (with user confirmation)
+* Display final account status
+
+## Errors
+
+SDK Code examples include basic exception handling for each action used. The table below describes an appropriate exception which will be handled in the code for each service action.
+
+|Action	|Error	|Handling	|
+|---	|---	|---	|
+|`Enable`	|ValidationException	|Validate resource types and account permissions.	|
+|`Enable`	|AccessDeniedException	|Notify user of insufficient permissions and exit.	|
+|`BatchGetAccountStatus`	|ValidationException	|Validate account IDs format.	|
+|`BatchGetAccountStatus`	|AccessDeniedException	|Handle permission errors gracefully.	|
+|`ListFindings`	|ValidationException	|Validate filter criteria and pagination parameters.	|
+|`ListFindings`	|InternalServerException	|Retry operation with exponential backoff.	|
+|`BatchGetFindingDetails`	|ValidationException	|Validate finding ARNs format.	|
+|`BatchGetFindingDetails`	|AccessDeniedException	|Handle access denied for specific findings.	|
+|`ListCoverage`	|ValidationException	|Validate filter and pagination parameters.	|
+|`Disable`	|ValidationException	|Validate resource types for disabling.	|
+|`Disable`	|ConflictException	|Handle cases where Inspector cannot be disabled.	|
+
+## Metadata
+
+|action / scenario	|metadata file	|metadata key	|
+|---	|---	|---	|
+|`Enable`	|inspector_metadata.yaml	|inspector_Enable	|
+|`BatchGetAccountStatus`	|inspector_metadata.yaml	|inspector_BatchGetAccountStatus	|
+|`ListFindings`	|inspector_metadata.yaml	|inspector_ListFindings	|
+|`BatchGetFindingDetails`	|inspector_metadata.yaml	|inspector_BatchGetFindingDetails	|
+|`ListCoverage`	|inspector_metadata.yaml	|inspector_ListCoverage	|
+|`Disable`	|inspector_metadata.yaml	|inspector_Disable	|
+|`Amazon Inspector Basics Scenario`	|inspector_metadata.yaml	|inspector_Scenario	|
+
@@ -0,0 +1,200 @@
+# .NET Technology Stack & Build System
+
+## .NET 8+ Development Environment
+
+### Build Tools & Dependencies
+- **Build System**: dotnet CLI
+- **Package Manager**: NuGet
+- **Testing Framework**: xUnit
+- **Code Formatting**: dotnet-format
+- **SDK Version**: AWS SDK for .NET v4
+- **.NET Version**: .NET 8+
+
+### Common Build Commands
+
+```bash
+# Build and Package
+dotnet build SOLUTION.sln         # Build solution
+dotnet build PROJECT.csproj       # Build specific project
+dotnet clean                       # Clean build artifacts
+
+# Testing
+dotnet test                        # Run all tests
+dotnet test --filter Category=Integration  # Run integration tests
+dotnet test --logger trx           # Run tests with detailed output
+
+# Execution
+dotnet run                         # Run project
+dotnet run --project PROJECT.csproj  # Run specific project
+
+# Code Quality
+dotnet format                      # Format code
+```
+
+### .NET-Specific Pattern Requirements
+
+#### File Naming Conventions
+- Use PascalCase for class names and file names
+- Service prefix pattern: `{Service}Actions.cs` (e.g., `S3Actions.cs`)
+- Hello scenarios: `Hello{Service}.cs` (e.g., `HelloS3.cs`)
+- Test files: `{Service}Tests.cs`
+
+#### Hello Scenario Structure
+- **Class naming**: `Hello{Service}.cs` class with main method
+- **Method structure**: Static Main method as entry point
+- **Documentation**: Include XML documentation explaining the hello example purpose
+
+#### Code Structure Standards
+- **Namespace naming**: Use reverse domain notation (e.g., `Amazon.DocSamples.S3`)
+- **Class structure**: One public class per file matching filename
+- **Method naming**: Use PascalCase for method names
+- **Properties**: Use PascalCase for property names
+- **Constants**: Use PascalCase for constants
+- **Async methods**: Suffix with `Async` (e.g., `ListBucketsAsync`)
+
+#### Dependency Injection Patterns
+```csharp
+    /// <summary>
+    /// Main entry point for the AWS Control Tower basics scenario.
+    /// </summary>
+    /// <param name="args">Command line arguments.</param>
+    public static async Task Main(string[] args)
+    {
+        using var host = Host.CreateDefaultBuilder(args)
+            .ConfigureServices((_, services) =>
+                services.AddAWSService<IAmazonControlTower>()
+                .AddAWSService<IAmazonControlCatalog>()
+                .AddAWSService<IAmazonOrganizations>()
+                .AddAWSService<IAmazonSecurityTokenService>()
+                .AddTransient<ControlTowerWrapper>()
+            )
+            .Build();
+
+        logger = LoggerFactory.Create(builder => { builder.AddConsole(); })
+            .CreateLogger<ControlTowerBasics>();
+
+        wrapper = host.Services.GetRequiredService<ControlTowerWrapper>();
+        orgClient = host.Services.GetRequiredService<IAmazonOrganizations>();
+        stsClient = host.Services.GetRequiredService<IAmazonSecurityTokenService>();
+
+        await RunScenario();
+    }
+```
+
+#### Error Handling Patterns
+```csharp
+using Amazon.S3;
+using Amazon.S3.Model;
+using System;
+using System.Threading.Tasks;
+
+public class ExampleClass
+{
+    public async Task ExampleMethodAsync()
+    {
+        var s3Client = new AmazonS3Client();
+        
+        try
+        {
+            var response = await s3Client.ListBucketsAsync();
+            // Process response
+            Console.WriteLine($"Found {response.Buckets.Count} buckets");
+        }
+        catch (AmazonS3Exception e)
+        {
+            // Handle S3-specific exceptions
+            Console.WriteLine($"S3 Error: {e.Message}");
+            Console.WriteLine($"Error Code: {e.ErrorCode}");
+            throw;
+        }
+        catch (Exception e)
+        {
+            // Handle general exceptions
+            Console.WriteLine($"Error: {e.Message}");
+            throw;
+        }
+        finally
+        {
+            s3Client?.Dispose();
+        }
+    }
+}
+```
+
+#### Testing Standards
+- **Test framework**: Use xUnit attributes (`[Fact]`, `[Theory]`)
+- **Integration tests**: Mark with `[Trait("Category", "Integration")]`
+- **Async testing**: Use `async Task` for async test methods
+- **Resource management**: Use `using` statements for AWS clients
+- **Test naming**: Use descriptive method names explaining test purpose
+
+#### Project Structure
+```
+src/
+├── {Service}Examples/
+│   ├── Hello{Service}.cs
+│   ├── {Service}Actions.cs
+│   ├── {Service}Scenarios.cs
+│   └── {Service}Examples.csproj
+└── {Service}Examples.Tests/
+    ├── {Service}Tests.cs
+    └── {Service}Examples.Tests.csproj
+```
+
+#### Documentation Requirements
+- **XML documentation**: Use `///` for class and method documentation
+- **Parameter documentation**: Document all parameters with `<param>`
+- **Return documentation**: Document return values with `<returns>`
+- **Exception documentation**: Document exceptions with `<exception>`
+- **README sections**: Include dotnet setup and execution instructions
+
+### AWS Credentials Handling
+
+#### Critical Credential Testing Protocol
+- **CRITICAL**: Before assuming AWS credential issues, always test credentials first with `aws sts get-caller-identity`
+- **NEVER** assume credentials are incorrect without verification
+- If credentials test passes but .NET SDK fails, investigate SDK-specific credential chain issues
+- Common .NET SDK credential issues: EC2 instance metadata service conflicts, credential provider chain order
+
+### Build Troubleshooting
+
+#### DotNetV4 Build Troubleshooting
+- **CRITICAL**: When you get a response that the project file does not exist, use `listDirectory` to find the correct project/solution file path before trying to build again
+- **NEVER** repeatedly attempt the same build command without first locating the actual file structure
+- Always verify file existence with directory listing before executing build commands
+
+### Language-Specific Pattern Errors to Avoid
+- ❌ **NEVER create examples for dotnetv3 UNLESS explicitly instructed to by the user**
+- ❌ **NEVER use camelCase for .NET class or method names**
+- ❌ **NEVER forget to dispose AWS clients (use using statements)**
+- ❌ **NEVER ignore proper exception handling for AWS operations**
+- ❌ **NEVER skip NuGet package management**
+- ❌ **NEVER assume credentials without testing first**
+- ❌ **NEVER use other language folders for patterns**
+
+### Best Practices
+- ✅ **ALWAYS create examples in the dotnetv4 directory unless instructed otherwise**
+- ✅ **ALWAYS follow the established .NET project structure**
+- ✅ **ALWAYS use PascalCase for .NET identifiers**
+- ✅ **ALWAYS use using statements for AWS client management**
+- ✅ **ALWAYS include proper exception handling for AWS service calls**
+- ✅ **ALWAYS test AWS credentials before assuming credential issues**
+- ✅ **ALWAYS include comprehensive XML documentation**
+- ✅ **ALWAYS use async/await patterns for AWS operations**
+- ✅ **ALWAYS use dependency injection for AWS services**
+- ✅ **ALWAYS create a separate class in the Actions project for the Hello example**
+- ✅ **ALWAYS add project files to the main solution file DotNetV4Examples.sln**
+- ✅ **ALWAYS put print statements in the action methods if possible**
+
+### Project Configuration Requirements
+- **Target Framework**: Specify appropriate .NET version in .csproj
+- **AWS SDK packages**: Include specific AWS service NuGet packages
+- **Test packages**: Include xUnit and test runner packages
+- **Configuration**: Support for appsettings.json and environment variables
+
+### Integration with Knowledge Base
+Before creating .NET code examples:
+1. Query `coding-standards-KB` for "DotNet-code-example-standards"
+2. Query `DotNet-premium-KB` for "DotNet implementation patterns"
+3. Follow KB-documented patterns for project structure and class organization
+4. Validate against existing .NET examples only after KB consultation