Class: Aws::AccessAnalyzer::Client
- Inherits:
-
Seahorse::Client::Base
- Object
- Seahorse::Client::Base
- Aws::AccessAnalyzer::Client
- Includes:
- ClientStubs
- Defined in:
- gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb
Overview
An API client for AccessAnalyzer. To construct a client, you need to configure a :region
and :credentials
.
client = Aws::AccessAnalyzer::Client.new(
region: region_name,
credentials: credentials,
# ...
)
For details on configuring region and credentials see the developer guide.
See #initialize for a full list of supported configuration options.
Instance Attribute Summary
Attributes inherited from Seahorse::Client::Base
API Operations collapse
-
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
-
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
-
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
-
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
-
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
-
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
-
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
-
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer.
-
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer.
-
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
-
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
-
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
-
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
-
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
-
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
-
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding.
-
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
-
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding.
-
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using
StartPolicyGeneration
. -
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
-
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
-
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer.
-
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
-
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
-
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
-
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
-
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
-
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
-
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
-
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
-
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
-
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
-
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
-
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
-
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings.
Instance Method Summary collapse
-
#initialize(options) ⇒ Client
constructor
A new instance of Client.
Methods included from ClientStubs
#api_requests, #stub_data, #stub_responses
Methods inherited from Seahorse::Client::Base
add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder
#handle, #handle_request, #handle_response
Constructor Details
#initialize(options) ⇒ Client
Returns a new instance of Client.
410 411 412 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 410 def initialize(*args) super end |
Instance Method Details
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
445 446 447 448 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 445 def apply_archive_rule(params = {}, = {}) req = build_request(:apply_archive_rule, params) req.send_request() end |
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
470 471 472 473 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 470 def cancel_policy_generation(params = {}, = {}) req = build_request(:cancel_policy_generation, params) req.send_request() end |
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
600 601 602 603 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 600 def check_access_not_granted(params = {}, = {}) req = build_request(:check_access_not_granted, params) req.send_request() end |
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
You can find examples for reference policies and learn how to set up
and run a custom policy check for new access in the IAM Access
Analyzer custom policy checks samples repository on GitHub. The
reference policies in this repository are meant to be passed to the
existingPolicyDocument
request parameter.
663 664 665 666 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 663 def check_no_new_access(params = {}, = {}) req = build_request(:check_no_new_access, params) req.send_request() end |
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
742 743 744 745 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 742 def check_no_public_access(params = {}, = {}) req = build_request(:check_no_public_access, params) req.send_request() end |
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
898 899 900 901 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 898 def create_access_preview(params = {}, = {}) req = build_request(:create_access_preview, params) req.send_request() end |
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
975 976 977 978 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 975 def create_analyzer(params = {}, = {}) req = build_request(:create_analyzer, params) req.send_request() end |
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer. Archive rules automatically archive new findings that meet the criteria you define when you create the rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1028 1029 1030 1031 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1028 def create_archive_rule(params = {}, = {}) req = build_request(:create_archive_rule, params) req.send_request() end |
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled for the account or organization in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.
1060 1061 1062 1063 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1060 def delete_analyzer(params = {}, = {}) req = build_request(:delete_analyzer, params) req.send_request() end |
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
1094 1095 1096 1097 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1094 def delete_archive_rule(params = {}, = {}) req = build_request(:delete_archive_rule, params) req.send_request() end |
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
1144 1145 1146 1147 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1144 def generate_finding_recommendation(params = {}, = {}) req = build_request(:generate_finding_recommendation, params) req.send_request() end |
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
1233 1234 1235 1236 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1233 def get_access_preview(params = {}, = {}) req = build_request(:get_access_preview, params) req.send_request() end |
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
1281 1282 1283 1284 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1281 def get_analyzed_resource(params = {}, = {}) req = build_request(:get_analyzed_resource, params) req.send_request() end |
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
1319 1320 1321 1322 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1319 def get_analyzer(params = {}, = {}) req = build_request(:get_analyzer, params) req.send_request() end |
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1368 1369 1370 1371 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1368 def get_archive_rule(params = {}, = {}) req = build_request(:get_archive_rule, params) req.send_request() end |
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
1426 1427 1428 1429 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1426 def get_finding(params = {}, = {}) req = build_request(:get_finding, params) req.send_request() end |
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1571 1572 1573 1574 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1571 def get_finding_recommendation(params = {}, = {}) req = build_request(:get_finding_recommendation, params) req.send_request() end |
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1662 1663 1664 1665 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1662 def get_finding_v2(params = {}, = {}) req = build_request(:get_finding_v2, params) req.send_request() end |
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using StartPolicyGeneration
.
1729 1730 1731 1732 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1729 def get_generated_policy(params = {}, = {}) req = build_request(:get_generated_policy, params) req.send_request() end |
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1810 1811 1812 1813 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1810 def list_access_preview_findings(params = {}, = {}) req = build_request(:list_access_preview_findings, params) req.send_request() end |
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1859 1860 1861 1862 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1859 def list_access_previews(params = {}, = {}) req = build_request(:list_access_previews, params) req.send_request() end |
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer. This action is not supported for unused access analyzers.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1913 1914 1915 1916 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1913 def list_analyzed_resources(params = {}, = {}) req = build_request(:list_analyzed_resources, params) req.send_request() end |
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1964 1965 1966 1967 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1964 def list_analyzers(params = {}, = {}) req = build_request(:list_analyzers, params) req.send_request() end |
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2015 2016 2017 2018 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2015 def list_archive_rules(params = {}, = {}) req = build_request(:list_archive_rules, params) req.send_request() end |
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2109 2110 2111 2112 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2109 def list_findings(params = {}, = {}) req = build_request(:list_findings, params) req.send_request() end |
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2193 2194 2195 2196 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2193 def list_findings_v2(params = {}, = {}) req = build_request(:list_findings_v2, params) req.send_request() end |
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2240 2241 2242 2243 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2240 def list_policy_generations(params = {}, = {}) req = build_request(:list_policy_generations, params) req.send_request() end |
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
2269 2270 2271 2272 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2269 def (params = {}, = {}) req = build_request(:list_tags_for_resource, params) req.send_request() end |
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
2331 2332 2333 2334 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2331 def start_policy_generation(params = {}, = {}) req = build_request(:start_policy_generation, params) req.send_request() end |
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
2369 2370 2371 2372 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2369 def start_resource_scan(params = {}, = {}) req = build_request(:start_resource_scan, params) req.send_request() end |
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
2397 2398 2399 2400 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2397 def tag_resource(params = {}, = {}) req = build_request(:tag_resource, params) req.send_request() end |
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
2423 2424 2425 2426 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2423 def untag_resource(params = {}, = {}) req = build_request(:untag_resource, params) req.send_request() end |
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
2468 2469 2470 2471 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2468 def update_archive_rule(params = {}, = {}) req = build_request(:update_archive_rule, params) req.send_request() end |
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
2515 2516 2517 2518 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2515 def update_findings(params = {}, = {}) req = build_request(:update_findings, params) req.send_request() end |
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings. The findings help you identify issues and provide actionable recommendations to resolve the issue and enable you to author functional policies that meet security best practices.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2609 2610 2611 2612 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2609 def validate_policy(params = {}, = {}) req = build_request(:validate_policy, params) req.send_request() end |