FindingSummaryV2 - IAM Access Analyzer

FindingSummaryV2

Contains information about a finding.

Contents

analyzedAt

The time at which the resource-based policy or IAM entity that generated the finding was analyzed.

Type: Timestamp

Required: Yes

createdAt

The time at which the finding was created.

Type: Timestamp

Required: Yes

id

The ID of the finding.

Type: String

Required: Yes

resourceOwnerAccount

The AWS account ID that owns the resource.

Type: String

Required: Yes

resourceType

The type of the resource that the external principal has access to.

Type: String

Valid Values: AWS::S3::Bucket | AWS::IAM::Role | AWS::SQS::Queue | AWS::Lambda::Function | AWS::Lambda::LayerVersion | AWS::KMS::Key | AWS::SecretsManager::Secret | AWS::EFS::FileSystem | AWS::EC2::Snapshot | AWS::ECR::Repository | AWS::RDS::DBSnapshot | AWS::RDS::DBClusterSnapshot | AWS::SNS::Topic | AWS::S3Express::DirectoryBucket | AWS::DynamoDB::Table | AWS::DynamoDB::Stream

Required: Yes

status

The status of the finding.

Type: String

Valid Values: ACTIVE | ARCHIVED | RESOLVED

Required: Yes

updatedAt

The time at which the finding was most recently updated.

Type: Timestamp

Required: Yes

error

The error that resulted in an Error finding.

Type: String

Required: No

findingType

The type of the external access or unused access finding.

Type: String

Valid Values: ExternalAccess | UnusedIAMRole | UnusedIAMUserAccessKey | UnusedIAMUserPassword | UnusedPermission

Required: No

resource

The resource that the external principal has access to.

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: