Class: Aws::AccessAnalyzer::Client
- Inherits:
-
Seahorse::Client::Base
- Object
- Seahorse::Client::Base
- Aws::AccessAnalyzer::Client
- Includes:
- ClientStubs
- Defined in:
- gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb
Overview
An API client for AccessAnalyzer. To construct a client, you need to configure a :region
and :credentials
.
client = Aws::AccessAnalyzer::Client.new(
region: region_name,
credentials: credentials,
# ...
)
For details on configuring region and credentials see the developer guide.
See #initialize for a full list of supported configuration options.
Instance Attribute Summary
Attributes inherited from Seahorse::Client::Base
API Operations collapse
-
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
-
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
-
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
-
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
-
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
-
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
-
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
-
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer.
-
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer.
-
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
-
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
-
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
-
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
-
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
-
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
-
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding.
-
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
-
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding.
-
#get_findings_statistics(params = {}) ⇒ Types::GetFindingsStatisticsResponse
Retrieves a list of aggregated finding statistics for an external access or unused access analyzer.
-
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using
StartPolicyGeneration
. -
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
-
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
-
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer.
-
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
-
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
-
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
-
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
-
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
-
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
-
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
-
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
-
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
-
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
-
#update_analyzer(params = {}) ⇒ Types::UpdateAnalyzerResponse
Modifies the configuration of an existing analyzer.
-
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
-
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
-
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings.
Instance Method Summary collapse
-
#initialize(options) ⇒ Client
constructor
A new instance of Client.
Methods included from ClientStubs
#api_requests, #stub_data, #stub_responses
Methods inherited from Seahorse::Client::Base
add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder
#handle, #handle_request, #handle_response
Constructor Details
#initialize(options) ⇒ Client
Returns a new instance of Client.
466 467 468 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 466 def initialize(*args) super end |
Instance Method Details
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
501 502 503 504 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 501 def apply_archive_rule(params = {}, = {}) req = build_request(:apply_archive_rule, params) req.send_request() end |
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
526 527 528 529 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 526 def cancel_policy_generation(params = {}, = {}) req = build_request(:cancel_policy_generation, params) req.send_request() end |
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
655 656 657 658 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 655 def check_access_not_granted(params = {}, = {}) req = build_request(:check_access_not_granted, params) req.send_request() end |
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
You can find examples for reference policies and learn how to set up
and run a custom policy check for new access in the IAM Access
Analyzer custom policy checks samples repository on GitHub. The
reference policies in this repository are meant to be passed to the
existingPolicyDocument
request parameter.
718 719 720 721 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 718 def check_no_new_access(params = {}, = {}) req = build_request(:check_no_new_access, params) req.send_request() end |
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
797 798 799 800 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 797 def check_no_public_access(params = {}, = {}) req = build_request(:check_no_public_access, params) req.send_request() end |
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
965 966 967 968 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 965 def create_access_preview(params = {}, = {}) req = build_request(:create_access_preview, params) req.send_request() end |
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
1061 1062 1063 1064 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1061 def create_analyzer(params = {}, = {}) req = build_request(:create_analyzer, params) req.send_request() end |
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer. Archive rules automatically archive new findings that meet the criteria you define when you create the rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1114 1115 1116 1117 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1114 def create_archive_rule(params = {}, = {}) req = build_request(:create_archive_rule, params) req.send_request() end |
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled for the account or organization in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.
1146 1147 1148 1149 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1146 def delete_analyzer(params = {}, = {}) req = build_request(:delete_analyzer, params) req.send_request() end |
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
1180 1181 1182 1183 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1180 def delete_archive_rule(params = {}, = {}) req = build_request(:delete_archive_rule, params) req.send_request() end |
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
1230 1231 1232 1233 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1230 def generate_finding_recommendation(params = {}, = {}) req = build_request(:generate_finding_recommendation, params) req.send_request() end |
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
1322 1323 1324 1325 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1322 def get_access_preview(params = {}, = {}) req = build_request(:get_access_preview, params) req.send_request() end |
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
1370 1371 1372 1373 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1370 def get_analyzed_resource(params = {}, = {}) req = build_request(:get_analyzed_resource, params) req.send_request() end |
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
1414 1415 1416 1417 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1414 def get_analyzer(params = {}, = {}) req = build_request(:get_analyzer, params) req.send_request() end |
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1463 1464 1465 1466 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1463 def get_archive_rule(params = {}, = {}) req = build_request(:get_archive_rule, params) req.send_request() end |
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
1522 1523 1524 1525 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1522 def get_finding(params = {}, = {}) req = build_request(:get_finding, params) req.send_request() end |
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1667 1668 1669 1670 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1667 def get_finding_recommendation(params = {}, = {}) req = build_request(:get_finding_recommendation, params) req.send_request() end |
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1759 1760 1761 1762 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1759 def get_finding_v2(params = {}, = {}) req = build_request(:get_finding_v2, params) req.send_request() end |
#get_findings_statistics(params = {}) ⇒ Types::GetFindingsStatisticsResponse
Retrieves a list of aggregated finding statistics for an external access or unused access analyzer.
1811 1812 1813 1814 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1811 def get_findings_statistics(params = {}, = {}) req = build_request(:get_findings_statistics, params) req.send_request() end |
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using StartPolicyGeneration
.
1878 1879 1880 1881 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1878 def get_generated_policy(params = {}, = {}) req = build_request(:get_generated_policy, params) req.send_request() end |
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1960 1961 1962 1963 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1960 def list_access_preview_findings(params = {}, = {}) req = build_request(:list_access_preview_findings, params) req.send_request() end |
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2009 2010 2011 2012 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2009 def list_access_previews(params = {}, = {}) req = build_request(:list_access_previews, params) req.send_request() end |
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2062 2063 2064 2065 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2062 def list_analyzed_resources(params = {}, = {}) req = build_request(:list_analyzed_resources, params) req.send_request() end |
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2119 2120 2121 2122 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2119 def list_analyzers(params = {}, = {}) req = build_request(:list_analyzers, params) req.send_request() end |
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2170 2171 2172 2173 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2170 def list_archive_rules(params = {}, = {}) req = build_request(:list_archive_rules, params) req.send_request() end |
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2265 2266 2267 2268 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2265 def list_findings(params = {}, = {}) req = build_request(:list_findings, params) req.send_request() end |
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2349 2350 2351 2352 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2349 def list_findings_v2(params = {}, = {}) req = build_request(:list_findings_v2, params) req.send_request() end |
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2396 2397 2398 2399 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2396 def list_policy_generations(params = {}, = {}) req = build_request(:list_policy_generations, params) req.send_request() end |
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
2425 2426 2427 2428 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2425 def (params = {}, = {}) req = build_request(:list_tags_for_resource, params) req.send_request() end |
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
2487 2488 2489 2490 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2487 def start_policy_generation(params = {}, = {}) req = build_request(:start_policy_generation, params) req.send_request() end |
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
2525 2526 2527 2528 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2525 def start_resource_scan(params = {}, = {}) req = build_request(:start_resource_scan, params) req.send_request() end |
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
2553 2554 2555 2556 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2553 def tag_resource(params = {}, = {}) req = build_request(:tag_resource, params) req.send_request() end |
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
2579 2580 2581 2582 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2579 def untag_resource(params = {}, = {}) req = build_request(:untag_resource, params) req.send_request() end |
#update_analyzer(params = {}) ⇒ Types::UpdateAnalyzerResponse
Modifies the configuration of an existing analyzer.
2634 2635 2636 2637 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2634 def update_analyzer(params = {}, = {}) req = build_request(:update_analyzer, params) req.send_request() end |
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
2679 2680 2681 2682 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2679 def update_archive_rule(params = {}, = {}) req = build_request(:update_archive_rule, params) req.send_request() end |
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
2726 2727 2728 2729 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2726 def update_findings(params = {}, = {}) req = build_request(:update_findings, params) req.send_request() end |
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings. The findings help you identify issues and provide actionable recommendations to resolve the issue and enable you to author functional policies that meet security best practices.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2820 2821 2822 2823 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2820 def validate_policy(params = {}, = {}) req = build_request(:validate_policy, params) req.send_request() end |