aws-sdk-accessanalyzer 1.10.0 → 1.15.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 834f3bb04382a9326903cc39f1d847f0ea6453dff9cc6f6a1e79130685b24d7a
|
4
|
+
data.tar.gz: 89c34346ac02f78a18963d887eeec70cacc8edeff6d3fb4579e4532129f45fcd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a05271f0ad161daa1d54e46d3e515de8202ada85b7ab6c824bd6192dd6080d49e4ed050e7548f8673f9c689d5553af5fde9e4b7b3cb55dbd75750a1435854a25
|
7
|
+
data.tar.gz: 7d0e397b9ba96564d9e7699e0725ff71ed5d5b43ae53a3a8d293819899d2a7134da825df053b703640629cb3f212abc85f087553061df50eb6c2a4d362195ea8
|
@@ -7,6 +7,7 @@
|
|
7
7
|
#
|
8
8
|
# WARNING ABOUT GENERATED CODE
|
9
9
|
|
10
|
+
|
10
11
|
require 'aws-sdk-core'
|
11
12
|
require 'aws-sigv4'
|
12
13
|
|
@@ -27,7 +28,7 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
|
|
27
28
|
# structure.
|
28
29
|
#
|
29
30
|
# access_analyzer = Aws::AccessAnalyzer::Client.new
|
30
|
-
# resp = access_analyzer.
|
31
|
+
# resp = access_analyzer.apply_archive_rule(params)
|
31
32
|
#
|
32
33
|
# See {Client} for more information.
|
33
34
|
#
|
@@ -47,6 +48,6 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
|
|
47
48
|
# @!group service
|
48
49
|
module Aws::AccessAnalyzer
|
49
50
|
|
50
|
-
GEM_VERSION = '1.
|
51
|
+
GEM_VERSION = '1.15.0'
|
51
52
|
|
52
53
|
end
|
@@ -327,6 +327,40 @@ module Aws::AccessAnalyzer
|
|
327
327
|
|
328
328
|
# @!group API Operations
|
329
329
|
|
330
|
+
# Retroactively applies the archive rule to existing findings that meet
|
331
|
+
# the archive rule criteria.
|
332
|
+
#
|
333
|
+
# @option params [required, String] :analyzer_arn
|
334
|
+
# The Amazon resource name (ARN) of the analyzer.
|
335
|
+
#
|
336
|
+
# @option params [String] :client_token
|
337
|
+
# A client token.
|
338
|
+
#
|
339
|
+
# **A suitable default value is auto-generated.** You should normally
|
340
|
+
# not need to pass this option.**
|
341
|
+
#
|
342
|
+
# @option params [required, String] :rule_name
|
343
|
+
# The name of the rule to apply.
|
344
|
+
#
|
345
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
346
|
+
#
|
347
|
+
# @example Request syntax with placeholder values
|
348
|
+
#
|
349
|
+
# resp = client.apply_archive_rule({
|
350
|
+
# analyzer_arn: "AnalyzerArn", # required
|
351
|
+
# client_token: "String",
|
352
|
+
# rule_name: "Name", # required
|
353
|
+
# })
|
354
|
+
#
|
355
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ApplyArchiveRule AWS API Documentation
|
356
|
+
#
|
357
|
+
# @overload apply_archive_rule(params = {})
|
358
|
+
# @param [Hash] params ({})
|
359
|
+
def apply_archive_rule(params = {}, options = {})
|
360
|
+
req = build_request(:apply_archive_rule, params)
|
361
|
+
req.send_request(options)
|
362
|
+
end
|
363
|
+
|
330
364
|
# Creates an analyzer for your account.
|
331
365
|
#
|
332
366
|
# @option params [required, String] :analyzer_name
|
@@ -347,8 +381,10 @@ module Aws::AccessAnalyzer
|
|
347
381
|
# The tags to apply to the analyzer.
|
348
382
|
#
|
349
383
|
# @option params [required, String] :type
|
350
|
-
# The type of analyzer to create. Only ACCOUNT
|
351
|
-
# You can create only one analyzer per account
|
384
|
+
# The type of analyzer to create. Only ACCOUNT and ORGANIZATION
|
385
|
+
# analyzers are supported. You can create only one analyzer per account
|
386
|
+
# per Region. You can create up to 5 analyzers per organization per
|
387
|
+
# Region.
|
352
388
|
#
|
353
389
|
# @return [Types::CreateAnalyzerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
354
390
|
#
|
@@ -392,8 +428,8 @@ module Aws::AccessAnalyzer
|
|
392
428
|
end
|
393
429
|
|
394
430
|
# Creates an archive rule for the specified analyzer. Archive rules
|
395
|
-
# automatically archive findings that meet the criteria you define
|
396
|
-
# you create the rule.
|
431
|
+
# automatically archive new findings that meet the criteria you define
|
432
|
+
# when you create the rule.
|
397
433
|
#
|
398
434
|
# @option params [required, String] :analyzer_name
|
399
435
|
# The name of the created analyzer.
|
@@ -438,9 +474,9 @@ module Aws::AccessAnalyzer
|
|
438
474
|
end
|
439
475
|
|
440
476
|
# Deletes the specified analyzer. When you delete an analyzer, Access
|
441
|
-
# Analyzer is disabled for the account in the current or
|
442
|
-
# Region. All findings that were generated by the analyzer are
|
443
|
-
# You cannot undo this action.
|
477
|
+
# Analyzer is disabled for the account or organization in the current or
|
478
|
+
# specific Region. All findings that were generated by the analyzer are
|
479
|
+
# deleted. You cannot undo this action.
|
444
480
|
#
|
445
481
|
# @option params [required, String] :analyzer_name
|
446
482
|
# The name of the analyzer to delete.
|
@@ -532,7 +568,7 @@ module Aws::AccessAnalyzer
|
|
532
568
|
# resp.resource.is_public #=> Boolean
|
533
569
|
# resp.resource.resource_arn #=> String
|
534
570
|
# resp.resource.resource_owner_account #=> String
|
535
|
-
# resp.resource.resource_type #=> String, one of "AWS::IAM::Role", "AWS::
|
571
|
+
# resp.resource.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret"
|
536
572
|
# resp.resource.shared_via #=> Array
|
537
573
|
# resp.resource.shared_via[0] #=> String
|
538
574
|
# resp.resource.status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
|
@@ -586,6 +622,13 @@ module Aws::AccessAnalyzer
|
|
586
622
|
|
587
623
|
# Retrieves information about an archive rule.
|
588
624
|
#
|
625
|
+
# To learn about filter keys that you can use to create an archive rule,
|
626
|
+
# see [Access Analyzer filter keys][1] in the **IAM User Guide**.
|
627
|
+
#
|
628
|
+
#
|
629
|
+
#
|
630
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html
|
631
|
+
#
|
589
632
|
# @option params [required, String] :analyzer_name
|
590
633
|
# The name of the analyzer to retrieve rules from.
|
591
634
|
#
|
@@ -660,10 +703,10 @@ module Aws::AccessAnalyzer
|
|
660
703
|
# resp.finding.principal["String"] #=> String
|
661
704
|
# resp.finding.resource #=> String
|
662
705
|
# resp.finding.resource_owner_account #=> String
|
663
|
-
# resp.finding.resource_type #=> String, one of "AWS::IAM::Role", "AWS::
|
706
|
+
# resp.finding.resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret"
|
664
707
|
# resp.finding.sources #=> Array
|
665
708
|
# resp.finding.sources[0].detail.access_point_arn #=> String
|
666
|
-
# resp.finding.sources[0].type #=> String, one of "
|
709
|
+
# resp.finding.sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
|
667
710
|
# resp.finding.status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
|
668
711
|
# resp.finding.updated_at #=> Time
|
669
712
|
#
|
@@ -704,7 +747,7 @@ module Aws::AccessAnalyzer
|
|
704
747
|
# analyzer_arn: "AnalyzerArn", # required
|
705
748
|
# max_results: 1,
|
706
749
|
# next_token: "Token",
|
707
|
-
# resource_type: "AWS::
|
750
|
+
# resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret
|
708
751
|
# })
|
709
752
|
#
|
710
753
|
# @example Response structure
|
@@ -712,7 +755,7 @@ module Aws::AccessAnalyzer
|
|
712
755
|
# resp.analyzed_resources #=> Array
|
713
756
|
# resp.analyzed_resources[0].resource_arn #=> String
|
714
757
|
# resp.analyzed_resources[0].resource_owner_account #=> String
|
715
|
-
# resp.analyzed_resources[0].resource_type #=> String, one of "AWS::IAM::Role", "AWS::
|
758
|
+
# resp.analyzed_resources[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret"
|
716
759
|
# resp.next_token #=> String
|
717
760
|
#
|
718
761
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzedResources AWS API Documentation
|
@@ -827,6 +870,13 @@ module Aws::AccessAnalyzer
|
|
827
870
|
|
828
871
|
# Retrieves a list of findings generated by the specified analyzer.
|
829
872
|
#
|
873
|
+
# To learn about filter keys that you can use to create an archive rule,
|
874
|
+
# see [Access Analyzer filter keys][1] in the **IAM User Guide**.
|
875
|
+
#
|
876
|
+
#
|
877
|
+
#
|
878
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html
|
879
|
+
#
|
830
880
|
# @option params [required, String] :analyzer_arn
|
831
881
|
# The ARN of the analyzer to retrieve findings from.
|
832
882
|
#
|
@@ -885,10 +935,10 @@ module Aws::AccessAnalyzer
|
|
885
935
|
# resp.findings[0].principal["String"] #=> String
|
886
936
|
# resp.findings[0].resource #=> String
|
887
937
|
# resp.findings[0].resource_owner_account #=> String
|
888
|
-
# resp.findings[0].resource_type #=> String, one of "AWS::IAM::Role", "AWS::
|
938
|
+
# resp.findings[0].resource_type #=> String, one of "AWS::S3::Bucket", "AWS::IAM::Role", "AWS::SQS::Queue", "AWS::Lambda::Function", "AWS::Lambda::LayerVersion", "AWS::KMS::Key", "AWS::SecretsManager::Secret"
|
889
939
|
# resp.findings[0].sources #=> Array
|
890
940
|
# resp.findings[0].sources[0].detail.access_point_arn #=> String
|
891
|
-
# resp.findings[0].sources[0].type #=> String, one of "
|
941
|
+
# resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
|
892
942
|
# resp.findings[0].status #=> String, one of "ACTIVE", "ARCHIVED", "RESOLVED"
|
893
943
|
# resp.findings[0].updated_at #=> Time
|
894
944
|
# resp.next_token #=> String
|
@@ -1114,7 +1164,7 @@ module Aws::AccessAnalyzer
|
|
1114
1164
|
params: params,
|
1115
1165
|
config: config)
|
1116
1166
|
context[:gem_name] = 'aws-sdk-accessanalyzer'
|
1117
|
-
context[:gem_version] = '1.
|
1167
|
+
context[:gem_version] = '1.15.0'
|
1118
1168
|
Seahorse::Client::Request.new(handlers, context)
|
1119
1169
|
end
|
1120
1170
|
|
@@ -22,6 +22,7 @@ module Aws::AccessAnalyzer
|
|
22
22
|
AnalyzerStatus = Shapes::StringShape.new(name: 'AnalyzerStatus')
|
23
23
|
AnalyzerSummary = Shapes::StructureShape.new(name: 'AnalyzerSummary')
|
24
24
|
AnalyzersList = Shapes::ListShape.new(name: 'AnalyzersList')
|
25
|
+
ApplyArchiveRuleRequest = Shapes::StructureShape.new(name: 'ApplyArchiveRuleRequest')
|
25
26
|
ArchiveRuleSummary = Shapes::StructureShape.new(name: 'ArchiveRuleSummary')
|
26
27
|
ArchiveRulesList = Shapes::ListShape.new(name: 'ArchiveRulesList')
|
27
28
|
Boolean = Shapes::BooleanShape.new(name: 'Boolean')
|
@@ -136,6 +137,11 @@ module Aws::AccessAnalyzer
|
|
136
137
|
|
137
138
|
AnalyzersList.member = Shapes::ShapeRef.new(shape: AnalyzerSummary)
|
138
139
|
|
140
|
+
ApplyArchiveRuleRequest.add_member(:analyzer_arn, Shapes::ShapeRef.new(shape: AnalyzerArn, required: true, location_name: "analyzerArn"))
|
141
|
+
ApplyArchiveRuleRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: String, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
|
142
|
+
ApplyArchiveRuleRequest.add_member(:rule_name, Shapes::ShapeRef.new(shape: Name, required: true, location_name: "ruleName"))
|
143
|
+
ApplyArchiveRuleRequest.struct_class = Types::ApplyArchiveRuleRequest
|
144
|
+
|
139
145
|
ArchiveRuleSummary.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "createdAt"))
|
140
146
|
ArchiveRuleSummary.add_member(:filter, Shapes::ShapeRef.new(shape: FilterCriteriaMap, required: true, location_name: "filter"))
|
141
147
|
ArchiveRuleSummary.add_member(:rule_name, Shapes::ShapeRef.new(shape: Name, required: true, location_name: "ruleName"))
|
@@ -404,6 +410,19 @@ module Aws::AccessAnalyzer
|
|
404
410
|
"uid" => "accessanalyzer-2019-11-01",
|
405
411
|
}
|
406
412
|
|
413
|
+
api.add_operation(:apply_archive_rule, Seahorse::Model::Operation.new.tap do |o|
|
414
|
+
o.name = "ApplyArchiveRule"
|
415
|
+
o.http_method = "PUT"
|
416
|
+
o.http_request_uri = "/archive-rule"
|
417
|
+
o.input = Shapes::ShapeRef.new(shape: ApplyArchiveRuleRequest)
|
418
|
+
o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
|
419
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
420
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
421
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
|
422
|
+
o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
|
423
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
424
|
+
end)
|
425
|
+
|
407
426
|
api.add_operation(:create_analyzer, Seahorse::Model::Operation.new.tap do |o|
|
408
427
|
o.name = "CreateAnalyzer"
|
409
428
|
o.http_method = "PUT"
|
@@ -99,6 +99,10 @@ module Aws::AccessAnalyzer
|
|
99
99
|
def retry_after_seconds
|
100
100
|
@data[:retry_after_seconds]
|
101
101
|
end
|
102
|
+
|
103
|
+
def retryable?
|
104
|
+
true
|
105
|
+
end
|
102
106
|
end
|
103
107
|
|
104
108
|
class ResourceNotFoundException < ServiceError
|
@@ -169,6 +173,14 @@ module Aws::AccessAnalyzer
|
|
169
173
|
def retry_after_seconds
|
170
174
|
@data[:retry_after_seconds]
|
171
175
|
end
|
176
|
+
|
177
|
+
def retryable?
|
178
|
+
true
|
179
|
+
end
|
180
|
+
|
181
|
+
def throttling?
|
182
|
+
true
|
183
|
+
end
|
172
184
|
end
|
173
185
|
|
174
186
|
class ValidationException < ServiceError
|
@@ -141,10 +141,10 @@ module Aws::AccessAnalyzer
|
|
141
141
|
# The status of the analyzer. An `Active` analyzer successfully
|
142
142
|
# monitors supported resources and generates new findings. The
|
143
143
|
# analyzer is `Disabled` when a user action, such as removing trusted
|
144
|
-
# access for IAM Access Analyzer from AWS Organizations, causes
|
145
|
-
# analyzer to stop generating new findings. The status is
|
146
|
-
# when the analyzer creation is in progress and `Failed`
|
147
|
-
# analyzer creation has failed.
|
144
|
+
# access for AWS IAM Access Analyzer from AWS Organizations, causes
|
145
|
+
# the analyzer to stop generating new findings. The status is
|
146
|
+
# `Creating` when the analyzer creation is in progress and `Failed`
|
147
|
+
# when the analyzer creation has failed.
|
148
148
|
# @return [String]
|
149
149
|
#
|
150
150
|
# @!attribute [rw] status_reason
|
@@ -181,6 +181,42 @@ module Aws::AccessAnalyzer
|
|
181
181
|
include Aws::Structure
|
182
182
|
end
|
183
183
|
|
184
|
+
# Retroactively applies an archive rule.
|
185
|
+
#
|
186
|
+
# @note When making an API call, you may pass ApplyArchiveRuleRequest
|
187
|
+
# data as a hash:
|
188
|
+
#
|
189
|
+
# {
|
190
|
+
# analyzer_arn: "AnalyzerArn", # required
|
191
|
+
# client_token: "String",
|
192
|
+
# rule_name: "Name", # required
|
193
|
+
# }
|
194
|
+
#
|
195
|
+
# @!attribute [rw] analyzer_arn
|
196
|
+
# The Amazon resource name (ARN) of the analyzer.
|
197
|
+
# @return [String]
|
198
|
+
#
|
199
|
+
# @!attribute [rw] client_token
|
200
|
+
# A client token.
|
201
|
+
#
|
202
|
+
# **A suitable default value is auto-generated.** You should normally
|
203
|
+
# not need to pass this option.
|
204
|
+
# @return [String]
|
205
|
+
#
|
206
|
+
# @!attribute [rw] rule_name
|
207
|
+
# The name of the rule to apply.
|
208
|
+
# @return [String]
|
209
|
+
#
|
210
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ApplyArchiveRuleRequest AWS API Documentation
|
211
|
+
#
|
212
|
+
class ApplyArchiveRuleRequest < Struct.new(
|
213
|
+
:analyzer_arn,
|
214
|
+
:client_token,
|
215
|
+
:rule_name)
|
216
|
+
SENSITIVE = []
|
217
|
+
include Aws::Structure
|
218
|
+
end
|
219
|
+
|
184
220
|
# Contains information about an archive rule.
|
185
221
|
#
|
186
222
|
# @!attribute [rw] created_at
|
@@ -282,8 +318,10 @@ module Aws::AccessAnalyzer
|
|
282
318
|
# @return [Hash<String,String>]
|
283
319
|
#
|
284
320
|
# @!attribute [rw] type
|
285
|
-
# The type of analyzer to create. Only ACCOUNT
|
286
|
-
# supported. You can create only one analyzer per
|
321
|
+
# The type of analyzer to create. Only ACCOUNT and ORGANIZATION
|
322
|
+
# analyzers are supported. You can create only one analyzer per
|
323
|
+
# account per Region. You can create up to 5 analyzers per
|
324
|
+
# organization per Region.
|
287
325
|
# @return [String]
|
288
326
|
#
|
289
327
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAnalyzerRequest AWS API Documentation
|
@@ -901,7 +939,7 @@ module Aws::AccessAnalyzer
|
|
901
939
|
# analyzer_arn: "AnalyzerArn", # required
|
902
940
|
# max_results: 1,
|
903
941
|
# next_token: "Token",
|
904
|
-
# resource_type: "AWS::
|
942
|
+
# resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret
|
905
943
|
# }
|
906
944
|
#
|
907
945
|
# @!attribute [rw] analyzer_arn
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-accessanalyzer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.15.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-01-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.109.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.109.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|