AnalyzedResource

Contains details about the analyzed resource.

Contents

actions

The actions that an external principal is granted permission to use by the policy that generated the finding.

Type: Array of strings

Required: No

analyzedAt

The time at which the resource was analyzed.

Type: Timestamp

Required: Yes

createdAt

The time at which the finding was created.

Type: Timestamp

Required: Yes

error

An error message.

Type: String

Required: No

isPublic

Indicates whether the policy that generated the finding grants public access to the resource.

Type: Boolean

Required: Yes

resourceArn

The ARN of the resource that was analyzed.

Type: String

Pattern: arn:[^:]*:[^:]*:[^:]*:[^:]*:.*$

Required: Yes

resourceOwnerAccount

The AWS account ID that owns the resource.

Type: String

Required: Yes

resourceType

The type of the resource that was analyzed.

Type: String

Valid Values: AWS::S3::Bucket | AWS::IAM::Role | AWS::SQS::Queue | AWS::Lambda::Function | AWS::Lambda::LayerVersion | AWS::KMS::Key | AWS::SecretsManager::Secret

Required: Yes

sharedVia

Indicates how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.

Type: Array of strings

Required: No

status

The current status of the finding generated from the analyzed resource.

Type: String

Valid Values: ACTIVE | ARCHIVED | RESOLVED

Required: No

updatedAt

The time at which the finding was updated.

Type: Timestamp

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Go

• AWS SDK for Java V2

• AWS SDK for Ruby V3