Access Analyzer
API Reference (API Version 2019-11-01)

FindingSummary

Contains information about a finding.

Contents

action

The action in the analyzed policy statement that an external principal has permission to use.

Type: Array of strings

Required: No

analyzedAt

The time at which the resource-based policy that generated the finding was analyzed.

Type: Timestamp

Required: Yes

condition

The condition in the analyzed policy statement that resulted in a finding.

Type: String to string map

Required: Yes

createdAt

The time at which the finding was created.

Type: Timestamp

Required: Yes

error

The error that resulted in an Error finding.

Type: String

Required: No

id

The ID of the finding.

Type: String

Required: Yes

isPublic

Indicates whether the finding reports a resource that has a policy that allows public access.

Type: Boolean

Required: No

principal

The external principal that has access to a resource within the zone of trust.

Type: String to string map

Required: No

resource

The resource that the external principal has access to.

Type: String

Required: No

resourceType

The type of the resource that the external principal has access to.

Type: String

Valid Values: AWS::IAM::Role | AWS::KMS::Key | AWS::Lambda::Function | AWS::Lambda::LayerVersion | AWS::S3::Bucket | AWS::SQS::Queue

Required: Yes

status

The status of the finding.

Type: String

Valid Values: ACTIVE | ARCHIVED | RESOLVED

Required: Yes

updatedAt

The time at which the finding was most recently updated.

Type: Timestamp

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

On this page: