AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

This is the response object from the CheckNoPublicAccess operation.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AmazonWebServiceResponse
    Amazon.AccessAnalyzer.Model.CheckNoPublicAccessResponse

Namespace: Amazon.AccessAnalyzer.Model
Assembly: AWSSDK.AccessAnalyzer.dll
Version: 3.x.y.z

Syntax

C# 
public class CheckNoPublicAccessResponse : AmazonWebServiceResponse

The CheckNoPublicAccessResponse type exposes the following members

Constructors

NameDescription
Public Method CheckNoPublicAccessResponse()

Properties

NameTypeDescription
Public Property ContentLength System.Int64 Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property HttpStatusCode System.Net.HttpStatusCode Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property Message System.String

Gets and sets the property Message.

The message indicating whether the specified policy allows public access to resources.

Public Property Reasons System.Collections.Generic.List<Amazon.AccessAnalyzer.Model.ReasonSummary>

Gets and sets the property Reasons.

A list of reasons why the specified resource policy grants public access for the resource type.

Public Property ResponseMetadata Amazon.Runtime.ResponseMetadata Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property Result Amazon.AccessAnalyzer.CheckNoPublicAccessResult

Gets and sets the property Result.

The result of the check for public access to the specified resource type. If the result is PASS, the policy doesn't allow public access to the specified resource type. If the result is FAIL, the policy might allow public access to the specified resource type.

Examples

Passing check. S3 Bucket policy without public access.


var client = new AmazonAccessAnalyzerClient();
var response = client.CheckAccessNotGranted(new CheckAccessNotGrantedRequest 
{
    Access = new List<Access> {
        new Access { Actions = new List<string> {
            "s3:PutObject"
        } }
    },
    PolicyDocument = "{\"Version\":\"2012-10-17\",\"Id\":\"123\",\"Statement\":[{\"Sid\":\"AllowJohnDoe\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:user/JohnDoe\"},\"Action\":\"s3:GetObject\",\"Resource\":\"*\"}]}",
    PolicyType = "RESOURCE_POLICY"
});

string message = response.Message;
string result = response.Result;

Failing check. S3 Bucket policy with public access.


var client = new AmazonAccessAnalyzerClient();
var response = client.CheckAccessNotGranted(new CheckAccessNotGrantedRequest 
{
    Access = new List<Access> {
        new Access { Resources = new List<string> {
            "arn:aws:s3:::sensitive-bucket/*"
        } }
    },
    PolicyDocument = "{\"Version\":\"2012-10-17\",\"Id\":\"123\",\"Statement\":[{\"Sid\":\"AllowJohnDoe\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:user/JohnDoe\"},\"Action\":\"s3:PutObject\",\"Resource\":\"arn:aws:s3:::non-sensitive-bucket/*\"}]}",
    PolicyType = "RESOURCE_POLICY"
});

string message = response.Message;
string result = response.Result;

Version Information

.NET:
Supported in: 8.0 and newer, Core 3.1

.NET Standard:
Supported in: 2.0

.NET Framework:
Supported in: 4.5 and newer, 3.5