Class: Aws::AccessAnalyzer::Client
- Inherits:
-
Seahorse::Client::Base
- Object
- Seahorse::Client::Base
- Aws::AccessAnalyzer::Client
- Includes:
- ClientStubs
- Defined in:
- gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb
Overview
An API client for AccessAnalyzer. To construct a client, you need to configure a :region
and :credentials
.
client = Aws::AccessAnalyzer::Client.new(
region: region_name,
credentials: credentials,
# ...
)
For details on configuring region and credentials see the developer guide.
See #initialize for a full list of supported configuration options.
Instance Attribute Summary
Attributes inherited from Seahorse::Client::Base
API Operations collapse
-
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
-
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
-
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
-
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
-
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
-
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
-
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
-
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer.
-
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer.
-
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
-
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
-
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
-
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
-
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
-
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
-
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding.
-
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
-
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding.
-
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using
StartPolicyGeneration
. -
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
-
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
-
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer.
-
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
-
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
-
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
-
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
-
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
-
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
-
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
-
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
-
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
-
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
-
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
-
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
-
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings.
Instance Method Summary collapse
-
#initialize(options) ⇒ Client
constructor
A new instance of Client.
Methods included from ClientStubs
#api_requests, #stub_data, #stub_responses
Methods inherited from Seahorse::Client::Base
add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder
#handle, #handle_request, #handle_response
Constructor Details
#initialize(options) ⇒ Client
Returns a new instance of Client.
434 435 436 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 434 def initialize(*args) super end |
Instance Method Details
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
469 470 471 472 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 469 def apply_archive_rule(params = {}, = {}) req = build_request(:apply_archive_rule, params) req.send_request() end |
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
494 495 496 497 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 494 def cancel_policy_generation(params = {}, = {}) req = build_request(:cancel_policy_generation, params) req.send_request() end |
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
624 625 626 627 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 624 def check_access_not_granted(params = {}, = {}) req = build_request(:check_access_not_granted, params) req.send_request() end |
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
You can find examples for reference policies and learn how to set up
and run a custom policy check for new access in the IAM Access
Analyzer custom policy checks samples repository on GitHub. The
reference policies in this repository are meant to be passed to the
existingPolicyDocument
request parameter.
687 688 689 690 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 687 def check_no_new_access(params = {}, = {}) req = build_request(:check_no_new_access, params) req.send_request() end |
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
766 767 768 769 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 766 def check_no_public_access(params = {}, = {}) req = build_request(:check_no_public_access, params) req.send_request() end |
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
922 923 924 925 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 922 def create_access_preview(params = {}, = {}) req = build_request(:create_access_preview, params) req.send_request() end |
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
999 1000 1001 1002 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 999 def create_analyzer(params = {}, = {}) req = build_request(:create_analyzer, params) req.send_request() end |
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer. Archive rules automatically archive new findings that meet the criteria you define when you create the rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1052 1053 1054 1055 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1052 def create_archive_rule(params = {}, = {}) req = build_request(:create_archive_rule, params) req.send_request() end |
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled for the account or organization in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.
1084 1085 1086 1087 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1084 def delete_analyzer(params = {}, = {}) req = build_request(:delete_analyzer, params) req.send_request() end |
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
1118 1119 1120 1121 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1118 def delete_archive_rule(params = {}, = {}) req = build_request(:delete_archive_rule, params) req.send_request() end |
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
1168 1169 1170 1171 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1168 def generate_finding_recommendation(params = {}, = {}) req = build_request(:generate_finding_recommendation, params) req.send_request() end |
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
1257 1258 1259 1260 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1257 def get_access_preview(params = {}, = {}) req = build_request(:get_access_preview, params) req.send_request() end |
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
1305 1306 1307 1308 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1305 def get_analyzed_resource(params = {}, = {}) req = build_request(:get_analyzed_resource, params) req.send_request() end |
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
1343 1344 1345 1346 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1343 def get_analyzer(params = {}, = {}) req = build_request(:get_analyzer, params) req.send_request() end |
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1392 1393 1394 1395 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1392 def get_archive_rule(params = {}, = {}) req = build_request(:get_archive_rule, params) req.send_request() end |
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
1450 1451 1452 1453 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1450 def get_finding(params = {}, = {}) req = build_request(:get_finding, params) req.send_request() end |
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1595 1596 1597 1598 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1595 def get_finding_recommendation(params = {}, = {}) req = build_request(:get_finding_recommendation, params) req.send_request() end |
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1686 1687 1688 1689 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1686 def get_finding_v2(params = {}, = {}) req = build_request(:get_finding_v2, params) req.send_request() end |
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using StartPolicyGeneration
.
1753 1754 1755 1756 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1753 def get_generated_policy(params = {}, = {}) req = build_request(:get_generated_policy, params) req.send_request() end |
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1834 1835 1836 1837 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1834 def list_access_preview_findings(params = {}, = {}) req = build_request(:list_access_preview_findings, params) req.send_request() end |
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1883 1884 1885 1886 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1883 def list_access_previews(params = {}, = {}) req = build_request(:list_access_previews, params) req.send_request() end |
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer. This action is not supported for unused access analyzers.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1937 1938 1939 1940 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1937 def list_analyzed_resources(params = {}, = {}) req = build_request(:list_analyzed_resources, params) req.send_request() end |
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1988 1989 1990 1991 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1988 def list_analyzers(params = {}, = {}) req = build_request(:list_analyzers, params) req.send_request() end |
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2039 2040 2041 2042 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2039 def list_archive_rules(params = {}, = {}) req = build_request(:list_archive_rules, params) req.send_request() end |
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2133 2134 2135 2136 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2133 def list_findings(params = {}, = {}) req = build_request(:list_findings, params) req.send_request() end |
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2217 2218 2219 2220 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2217 def list_findings_v2(params = {}, = {}) req = build_request(:list_findings_v2, params) req.send_request() end |
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2264 2265 2266 2267 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2264 def list_policy_generations(params = {}, = {}) req = build_request(:list_policy_generations, params) req.send_request() end |
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
2293 2294 2295 2296 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2293 def (params = {}, = {}) req = build_request(:list_tags_for_resource, params) req.send_request() end |
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
2355 2356 2357 2358 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2355 def start_policy_generation(params = {}, = {}) req = build_request(:start_policy_generation, params) req.send_request() end |
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
2393 2394 2395 2396 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2393 def start_resource_scan(params = {}, = {}) req = build_request(:start_resource_scan, params) req.send_request() end |
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
2421 2422 2423 2424 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2421 def tag_resource(params = {}, = {}) req = build_request(:tag_resource, params) req.send_request() end |
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
2447 2448 2449 2450 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2447 def untag_resource(params = {}, = {}) req = build_request(:untag_resource, params) req.send_request() end |
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
2492 2493 2494 2495 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2492 def update_archive_rule(params = {}, = {}) req = build_request(:update_archive_rule, params) req.send_request() end |
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
2539 2540 2541 2542 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2539 def update_findings(params = {}, = {}) req = build_request(:update_findings, params) req.send_request() end |
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings. The findings help you identify issues and provide actionable recommendations to resolve the issue and enable you to author functional policies that meet security best practices.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2633 2634 2635 2636 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2633 def validate_policy(params = {}, = {}) req = build_request(:validate_policy, params) req.send_request() end |