Class: Aws::AccessAnalyzer::Client
- Inherits:
-
Seahorse::Client::Base
- Object
- Seahorse::Client::Base
- Aws::AccessAnalyzer::Client
- Includes:
- ClientStubs
- Defined in:
- gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb
Overview
An API client for AccessAnalyzer. To construct a client, you need to configure a :region
and :credentials
.
client = Aws::AccessAnalyzer::Client.new(
region: region_name,
credentials: credentials,
# ...
)
For details on configuring region and credentials see the developer guide.
See #initialize for a full list of supported configuration options.
Instance Attribute Summary
Attributes inherited from Seahorse::Client::Base
API Operations collapse
-
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
-
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
-
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
-
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
-
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
-
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
-
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
-
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer.
-
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer.
-
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
-
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
-
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
-
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
-
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
-
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
-
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding.
-
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
-
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding.
-
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using
StartPolicyGeneration
. -
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
-
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
-
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer.
-
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
-
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
-
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
-
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
-
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
-
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
-
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
-
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
-
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
-
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
-
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
-
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
-
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings.
Instance Method Summary collapse
-
#initialize(options) ⇒ Client
constructor
A new instance of Client.
Methods included from ClientStubs
#api_requests, #stub_data, #stub_responses
Methods inherited from Seahorse::Client::Base
add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder
#handle, #handle_request, #handle_response
Constructor Details
#initialize(options) ⇒ Client
Returns a new instance of Client.
444 445 446 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 444 def initialize(*args) super end |
Instance Method Details
#apply_archive_rule(params = {}) ⇒ Struct
Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
479 480 481 482 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 479 def apply_archive_rule(params = {}, = {}) req = build_request(:apply_archive_rule, params) req.send_request() end |
#cancel_policy_generation(params = {}) ⇒ Struct
Cancels the requested policy generation.
504 505 506 507 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 504 def cancel_policy_generation(params = {}, = {}) req = build_request(:cancel_policy_generation, params) req.send_request() end |
#check_access_not_granted(params = {}) ⇒ Types::CheckAccessNotGrantedResponse
Checks whether the specified access isn't allowed by a policy.
634 635 636 637 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 634 def check_access_not_granted(params = {}, = {}) req = build_request(:check_access_not_granted, params) req.send_request() end |
#check_no_new_access(params = {}) ⇒ Types::CheckNoNewAccessResponse
Checks whether new access is allowed for an updated policy when compared to the existing policy.
You can find examples for reference policies and learn how to set up
and run a custom policy check for new access in the IAM Access
Analyzer custom policy checks samples repository on GitHub. The
reference policies in this repository are meant to be passed to the
existingPolicyDocument
request parameter.
697 698 699 700 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 697 def check_no_new_access(params = {}, = {}) req = build_request(:check_no_new_access, params) req.send_request() end |
#check_no_public_access(params = {}) ⇒ Types::CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
776 777 778 779 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 776 def check_no_public_access(params = {}, = {}) req = build_request(:check_no_public_access, params) req.send_request() end |
#create_access_preview(params = {}) ⇒ Types::CreateAccessPreviewResponse
Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.
932 933 934 935 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 932 def create_access_preview(params = {}, = {}) req = build_request(:create_access_preview, params) req.send_request() end |
#create_analyzer(params = {}) ⇒ Types::CreateAnalyzerResponse
Creates an analyzer for your account.
1009 1010 1011 1012 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1009 def create_analyzer(params = {}, = {}) req = build_request(:create_analyzer, params) req.send_request() end |
#create_archive_rule(params = {}) ⇒ Struct
Creates an archive rule for the specified analyzer. Archive rules automatically archive new findings that meet the criteria you define when you create the rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1062 1063 1064 1065 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1062 def create_archive_rule(params = {}, = {}) req = build_request(:create_archive_rule, params) req.send_request() end |
#delete_analyzer(params = {}) ⇒ Struct
Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled for the account or organization in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.
1094 1095 1096 1097 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1094 def delete_analyzer(params = {}, = {}) req = build_request(:delete_analyzer, params) req.send_request() end |
#delete_archive_rule(params = {}) ⇒ Struct
Deletes the specified archive rule.
1128 1129 1130 1131 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1128 def delete_archive_rule(params = {}, = {}) req = build_request(:delete_archive_rule, params) req.send_request() end |
#generate_finding_recommendation(params = {}) ⇒ Struct
Creates a recommendation for an unused permissions finding.
1178 1179 1180 1181 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1178 def generate_finding_recommendation(params = {}, = {}) req = build_request(:generate_finding_recommendation, params) req.send_request() end |
#get_access_preview(params = {}) ⇒ Types::GetAccessPreviewResponse
Retrieves information about an access preview for the specified analyzer.
1267 1268 1269 1270 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1267 def get_access_preview(params = {}, = {}) req = build_request(:get_access_preview, params) req.send_request() end |
#get_analyzed_resource(params = {}) ⇒ Types::GetAnalyzedResourceResponse
Retrieves information about a resource that was analyzed.
1315 1316 1317 1318 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1315 def get_analyzed_resource(params = {}, = {}) req = build_request(:get_analyzed_resource, params) req.send_request() end |
#get_analyzer(params = {}) ⇒ Types::GetAnalyzerResponse
Retrieves information about the specified analyzer.
1353 1354 1355 1356 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1353 def get_analyzer(params = {}, = {}) req = build_request(:get_analyzer, params) req.send_request() end |
#get_archive_rule(params = {}) ⇒ Types::GetArchiveRuleResponse
Retrieves information about an archive rule.
To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
1402 1403 1404 1405 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1402 def get_archive_rule(params = {}, = {}) req = build_request(:get_archive_rule, params) req.send_request() end |
#get_finding(params = {}) ⇒ Types::GetFindingResponse
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
1460 1461 1462 1463 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1460 def get_finding(params = {}, = {}) req = build_request(:get_finding, params) req.send_request() end |
#get_finding_recommendation(params = {}) ⇒ Types::GetFindingRecommendationResponse
Retrieves information about a finding recommendation for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1605 1606 1607 1608 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1605 def get_finding_recommendation(params = {}, = {}) req = build_request(:get_finding_recommendation, params) req.send_request() end |
#get_finding_v2(params = {}) ⇒ Types::GetFindingV2Response
Retrieves information about the specified finding. GetFinding and
GetFindingV2 both use access-analyzer:GetFinding
in the Action
element of an IAM policy statement. You must have permission to
perform the access-analyzer:GetFinding
action.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1696 1697 1698 1699 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1696 def get_finding_v2(params = {}, = {}) req = build_request(:get_finding_v2, params) req.send_request() end |
#get_generated_policy(params = {}) ⇒ Types::GetGeneratedPolicyResponse
Retrieves the policy that was generated using StartPolicyGeneration
.
1763 1764 1765 1766 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1763 def get_generated_policy(params = {}, = {}) req = build_request(:get_generated_policy, params) req.send_request() end |
#list_access_preview_findings(params = {}) ⇒ Types::ListAccessPreviewFindingsResponse
Retrieves a list of access preview findings generated by the specified access preview.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1844 1845 1846 1847 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1844 def list_access_preview_findings(params = {}, = {}) req = build_request(:list_access_preview_findings, params) req.send_request() end |
#list_access_previews(params = {}) ⇒ Types::ListAccessPreviewsResponse
Retrieves a list of access previews for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1893 1894 1895 1896 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1893 def list_access_previews(params = {}, = {}) req = build_request(:list_access_previews, params) req.send_request() end |
#list_analyzed_resources(params = {}) ⇒ Types::ListAnalyzedResourcesResponse
Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer. This action is not supported for unused access analyzers.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1947 1948 1949 1950 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1947 def list_analyzed_resources(params = {}, = {}) req = build_request(:list_analyzed_resources, params) req.send_request() end |
#list_analyzers(params = {}) ⇒ Types::ListAnalyzersResponse
Retrieves a list of analyzers.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
1998 1999 2000 2001 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 1998 def list_analyzers(params = {}, = {}) req = build_request(:list_analyzers, params) req.send_request() end |
#list_archive_rules(params = {}) ⇒ Types::ListArchiveRulesResponse
Retrieves a list of archive rules created for the specified analyzer.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2049 2050 2051 2052 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2049 def list_archive_rules(params = {}, = {}) req = build_request(:list_archive_rules, params) req.send_request() end |
#list_findings(params = {}) ⇒ Types::ListFindingsResponse
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2143 2144 2145 2146 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2143 def list_findings(params = {}, = {}) req = build_request(:list_findings, params) req.send_request() end |
#list_findings_v2(params = {}) ⇒ Types::ListFindingsV2Response
Retrieves a list of findings generated by the specified analyzer.
ListFindings and ListFindingsV2 both use
access-analyzer:ListFindings
in the Action
element of an IAM
policy statement. You must have permission to perform the
access-analyzer:ListFindings
action.
To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2227 2228 2229 2230 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2227 def list_findings_v2(params = {}, = {}) req = build_request(:list_findings_v2, params) req.send_request() end |
#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse
Lists all of the policy generations requested in the last seven days.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2274 2275 2276 2277 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2274 def list_policy_generations(params = {}, = {}) req = build_request(:list_policy_generations, params) req.send_request() end |
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Retrieves a list of tags applied to the specified resource.
2303 2304 2305 2306 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2303 def (params = {}, = {}) req = build_request(:list_tags_for_resource, params) req.send_request() end |
#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse
Starts the policy generation request.
2365 2366 2367 2368 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2365 def start_policy_generation(params = {}, = {}) req = build_request(:start_policy_generation, params) req.send_request() end |
#start_resource_scan(params = {}) ⇒ Struct
Immediately starts a scan of the policies applied to the specified resource.
2403 2404 2405 2406 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2403 def start_resource_scan(params = {}, = {}) req = build_request(:start_resource_scan, params) req.send_request() end |
#tag_resource(params = {}) ⇒ Struct
Adds a tag to the specified resource.
2431 2432 2433 2434 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2431 def tag_resource(params = {}, = {}) req = build_request(:tag_resource, params) req.send_request() end |
#untag_resource(params = {}) ⇒ Struct
Removes a tag from the specified resource.
2457 2458 2459 2460 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2457 def untag_resource(params = {}, = {}) req = build_request(:untag_resource, params) req.send_request() end |
#update_archive_rule(params = {}) ⇒ Struct
Updates the criteria and values for the specified archive rule.
2502 2503 2504 2505 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2502 def update_archive_rule(params = {}, = {}) req = build_request(:update_archive_rule, params) req.send_request() end |
#update_findings(params = {}) ⇒ Struct
Updates the status for the specified findings.
2549 2550 2551 2552 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2549 def update_findings(params = {}, = {}) req = build_request(:update_findings, params) req.send_request() end |
#validate_policy(params = {}) ⇒ Types::ValidatePolicyResponse
Requests the validation of a policy and returns a list of findings. The findings help you identify issues and provide actionable recommendations to resolve the issue and enable you to author functional policies that meet security best practices.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
2643 2644 2645 2646 |
# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/client.rb', line 2643 def validate_policy(params = {}, = {}) req = build_request(:validate_policy, params) req.send_request() end |