aws-sdk-accessanalyzer 1.30.0 → 1.31.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-accessanalyzer/client.rb +78 -9
- data/lib/aws-sdk-accessanalyzer/client_api.rb +88 -1
- data/lib/aws-sdk-accessanalyzer/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-accessanalyzer/endpoint_provider.rb +112 -0
- data/lib/aws-sdk-accessanalyzer/endpoints.rb +407 -0
- data/lib/aws-sdk-accessanalyzer/plugins/endpoints.rb +124 -0
- data/lib/aws-sdk-accessanalyzer/types.rb +478 -2
- data/lib/aws-sdk-accessanalyzer.rb +5 -1
- metadata +8 -4
@@ -625,14 +625,36 @@ module Aws::AccessAnalyzer
|
|
625
625
|
#
|
626
626
|
# @note Configuration is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of Configuration corresponding to the set member.
|
627
627
|
#
|
628
|
+
# @!attribute [rw] ebs_snapshot
|
629
|
+
# The access control configuration is for an Amazon EBS volume
|
630
|
+
# snapshot.
|
631
|
+
# @return [Types::EbsSnapshotConfiguration]
|
632
|
+
#
|
633
|
+
# @!attribute [rw] ecr_repository
|
634
|
+
# The access control configuration is for an Amazon ECR repository.
|
635
|
+
# @return [Types::EcrRepositoryConfiguration]
|
636
|
+
#
|
628
637
|
# @!attribute [rw] iam_role
|
629
638
|
# The access control configuration is for an IAM role.
|
630
639
|
# @return [Types::IamRoleConfiguration]
|
631
640
|
#
|
641
|
+
# @!attribute [rw] efs_file_system
|
642
|
+
# The access control configuration is for an Amazon EFS file system.
|
643
|
+
# @return [Types::EfsFileSystemConfiguration]
|
644
|
+
#
|
632
645
|
# @!attribute [rw] kms_key
|
633
646
|
# The access control configuration is for a KMS key.
|
634
647
|
# @return [Types::KmsKeyConfiguration]
|
635
648
|
#
|
649
|
+
# @!attribute [rw] rds_db_cluster_snapshot
|
650
|
+
# The access control configuration is for an Amazon RDS DB cluster
|
651
|
+
# snapshot.
|
652
|
+
# @return [Types::RdsDbClusterSnapshotConfiguration]
|
653
|
+
#
|
654
|
+
# @!attribute [rw] rds_db_snapshot
|
655
|
+
# The access control configuration is for an Amazon RDS DB snapshot.
|
656
|
+
# @return [Types::RdsDbSnapshotConfiguration]
|
657
|
+
#
|
636
658
|
# @!attribute [rw] secrets_manager_secret
|
637
659
|
# The access control configuration is for a Secrets Manager secret.
|
638
660
|
# @return [Types::SecretsManagerSecretConfiguration]
|
@@ -641,6 +663,10 @@ module Aws::AccessAnalyzer
|
|
641
663
|
# The access control configuration is for an Amazon S3 Bucket.
|
642
664
|
# @return [Types::S3BucketConfiguration]
|
643
665
|
#
|
666
|
+
# @!attribute [rw] sns_topic
|
667
|
+
# The access control configuration is for an Amazon SNS topic
|
668
|
+
# @return [Types::SnsTopicConfiguration]
|
669
|
+
#
|
644
670
|
# @!attribute [rw] sqs_queue
|
645
671
|
# The access control configuration is for an Amazon SQS queue.
|
646
672
|
# @return [Types::SqsQueueConfiguration]
|
@@ -648,20 +674,32 @@ module Aws::AccessAnalyzer
|
|
648
674
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/Configuration AWS API Documentation
|
649
675
|
#
|
650
676
|
class Configuration < Struct.new(
|
677
|
+
:ebs_snapshot,
|
678
|
+
:ecr_repository,
|
651
679
|
:iam_role,
|
680
|
+
:efs_file_system,
|
652
681
|
:kms_key,
|
682
|
+
:rds_db_cluster_snapshot,
|
683
|
+
:rds_db_snapshot,
|
653
684
|
:secrets_manager_secret,
|
654
685
|
:s3_bucket,
|
686
|
+
:sns_topic,
|
655
687
|
:sqs_queue,
|
656
688
|
:unknown)
|
657
689
|
SENSITIVE = []
|
658
690
|
include Aws::Structure
|
659
691
|
include Aws::Structure::Union
|
660
692
|
|
693
|
+
class EbsSnapshot < Configuration; end
|
694
|
+
class EcrRepository < Configuration; end
|
661
695
|
class IamRole < Configuration; end
|
696
|
+
class EfsFileSystem < Configuration; end
|
662
697
|
class KmsKey < Configuration; end
|
698
|
+
class RdsDbClusterSnapshot < Configuration; end
|
699
|
+
class RdsDbSnapshot < Configuration; end
|
663
700
|
class SecretsManagerSecret < Configuration; end
|
664
701
|
class S3Bucket < Configuration; end
|
702
|
+
class SnsTopic < Configuration; end
|
665
703
|
class SqsQueue < Configuration; end
|
666
704
|
class Unknown < Configuration; end
|
667
705
|
end
|
@@ -696,9 +734,20 @@ module Aws::AccessAnalyzer
|
|
696
734
|
# analyzer_arn: "AnalyzerArn", # required
|
697
735
|
# configurations: { # required
|
698
736
|
# "ConfigurationsMapKey" => {
|
737
|
+
# ebs_snapshot: {
|
738
|
+
# user_ids: ["EbsUserId"],
|
739
|
+
# groups: ["EbsGroup"],
|
740
|
+
# kms_key_id: "EbsSnapshotDataEncryptionKeyId",
|
741
|
+
# },
|
742
|
+
# ecr_repository: {
|
743
|
+
# repository_policy: "EcrRepositoryPolicy",
|
744
|
+
# },
|
699
745
|
# iam_role: {
|
700
746
|
# trust_policy: "IamTrustPolicy",
|
701
747
|
# },
|
748
|
+
# efs_file_system: {
|
749
|
+
# file_system_policy: "EfsFileSystemPolicy",
|
750
|
+
# },
|
702
751
|
# kms_key: {
|
703
752
|
# key_policies: {
|
704
753
|
# "PolicyName" => "KmsKeyPolicy",
|
@@ -720,6 +769,22 @@ module Aws::AccessAnalyzer
|
|
720
769
|
# },
|
721
770
|
# ],
|
722
771
|
# },
|
772
|
+
# rds_db_cluster_snapshot: {
|
773
|
+
# attributes: {
|
774
|
+
# "RdsDbClusterSnapshotAttributeName" => {
|
775
|
+
# account_ids: ["RdsDbClusterSnapshotAccountId"],
|
776
|
+
# },
|
777
|
+
# },
|
778
|
+
# kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
|
779
|
+
# },
|
780
|
+
# rds_db_snapshot: {
|
781
|
+
# attributes: {
|
782
|
+
# "RdsDbSnapshotAttributeName" => {
|
783
|
+
# account_ids: ["RdsDbSnapshotAccountId"],
|
784
|
+
# },
|
785
|
+
# },
|
786
|
+
# kms_key_id: "RdsDbSnapshotKmsKeyId",
|
787
|
+
# },
|
723
788
|
# secrets_manager_secret: {
|
724
789
|
# kms_key_id: "SecretsManagerSecretKmsId",
|
725
790
|
# secret_policy: "SecretsManagerSecretPolicy",
|
@@ -756,6 +821,9 @@ module Aws::AccessAnalyzer
|
|
756
821
|
# },
|
757
822
|
# },
|
758
823
|
# },
|
824
|
+
# sns_topic: {
|
825
|
+
# topic_policy: "SnsTopicPolicy",
|
826
|
+
# },
|
759
827
|
# sqs_queue: {
|
760
828
|
# queue_policy: "SqsQueuePolicy",
|
761
829
|
# },
|
@@ -1051,6 +1119,175 @@ module Aws::AccessAnalyzer
|
|
1051
1119
|
include Aws::Structure
|
1052
1120
|
end
|
1053
1121
|
|
1122
|
+
# The proposed access control configuration for an Amazon EBS volume
|
1123
|
+
# snapshot. You can propose a configuration for a new Amazon EBS volume
|
1124
|
+
# snapshot or an Amazon EBS volume snapshot that you own by specifying
|
1125
|
+
# the user IDs, groups, and optional KMS encryption key. For more
|
1126
|
+
# information, see [ModifySnapshotAttribute][1].
|
1127
|
+
#
|
1128
|
+
#
|
1129
|
+
#
|
1130
|
+
# [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html
|
1131
|
+
#
|
1132
|
+
# @note When making an API call, you may pass EbsSnapshotConfiguration
|
1133
|
+
# data as a hash:
|
1134
|
+
#
|
1135
|
+
# {
|
1136
|
+
# user_ids: ["EbsUserId"],
|
1137
|
+
# groups: ["EbsGroup"],
|
1138
|
+
# kms_key_id: "EbsSnapshotDataEncryptionKeyId",
|
1139
|
+
# }
|
1140
|
+
#
|
1141
|
+
# @!attribute [rw] user_ids
|
1142
|
+
# The IDs of the Amazon Web Services accounts that have access to the
|
1143
|
+
# Amazon EBS volume snapshot.
|
1144
|
+
#
|
1145
|
+
# * If the configuration is for an existing Amazon EBS volume snapshot
|
1146
|
+
# and you do not specify the `userIds`, then the access preview uses
|
1147
|
+
# the existing shared `userIds` for the snapshot.
|
1148
|
+
#
|
1149
|
+
# * If the access preview is for a new resource and you do not specify
|
1150
|
+
# the `userIds`, then the access preview considers the snapshot
|
1151
|
+
# without any `userIds`.
|
1152
|
+
#
|
1153
|
+
# * To propose deletion of existing shared `accountIds`, you can
|
1154
|
+
# specify an empty list for `userIds`.
|
1155
|
+
# @return [Array<String>]
|
1156
|
+
#
|
1157
|
+
# @!attribute [rw] groups
|
1158
|
+
# The groups that have access to the Amazon EBS volume snapshot. If
|
1159
|
+
# the value `all` is specified, then the Amazon EBS volume snapshot is
|
1160
|
+
# public.
|
1161
|
+
#
|
1162
|
+
# * If the configuration is for an existing Amazon EBS volume snapshot
|
1163
|
+
# and you do not specify the `groups`, then the access preview uses
|
1164
|
+
# the existing shared `groups` for the snapshot.
|
1165
|
+
#
|
1166
|
+
# * If the access preview is for a new resource and you do not specify
|
1167
|
+
# the `groups`, then the access preview considers the snapshot
|
1168
|
+
# without any `groups`.
|
1169
|
+
#
|
1170
|
+
# * To propose deletion of existing shared `groups`, you can specify
|
1171
|
+
# an empty list for `groups`.
|
1172
|
+
# @return [Array<String>]
|
1173
|
+
#
|
1174
|
+
# @!attribute [rw] kms_key_id
|
1175
|
+
# The KMS key identifier for an encrypted Amazon EBS volume snapshot.
|
1176
|
+
# The KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1177
|
+
# name for the KMS key.
|
1178
|
+
#
|
1179
|
+
# * If the configuration is for an existing Amazon EBS volume snapshot
|
1180
|
+
# and you do not specify the `kmsKeyId`, or you specify an empty
|
1181
|
+
# string, then the access preview uses the existing `kmsKeyId` of
|
1182
|
+
# the snapshot.
|
1183
|
+
#
|
1184
|
+
# * If the access preview is for a new resource and you do not specify
|
1185
|
+
# the `kmsKeyId`, the access preview considers the snapshot as
|
1186
|
+
# unencrypted.
|
1187
|
+
# @return [String]
|
1188
|
+
#
|
1189
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/EbsSnapshotConfiguration AWS API Documentation
|
1190
|
+
#
|
1191
|
+
class EbsSnapshotConfiguration < Struct.new(
|
1192
|
+
:user_ids,
|
1193
|
+
:groups,
|
1194
|
+
:kms_key_id)
|
1195
|
+
SENSITIVE = []
|
1196
|
+
include Aws::Structure
|
1197
|
+
end
|
1198
|
+
|
1199
|
+
# The proposed access control configuration for an Amazon ECR
|
1200
|
+
# repository. You can propose a configuration for a new Amazon ECR
|
1201
|
+
# repository or an existing Amazon ECR repository that you own by
|
1202
|
+
# specifying the Amazon ECR policy. For more information, see
|
1203
|
+
# [Repository][1].
|
1204
|
+
#
|
1205
|
+
# * If the configuration is for an existing Amazon ECR repository and
|
1206
|
+
# you do not specify the Amazon ECR policy, then the access preview
|
1207
|
+
# uses the existing Amazon ECR policy for the repository.
|
1208
|
+
#
|
1209
|
+
# * If the access preview is for a new resource and you do not specify
|
1210
|
+
# the policy, then the access preview assumes an Amazon ECR repository
|
1211
|
+
# without a policy.
|
1212
|
+
#
|
1213
|
+
# * To propose deletion of an existing Amazon ECR repository policy, you
|
1214
|
+
# can specify an empty string for the Amazon ECR policy.
|
1215
|
+
#
|
1216
|
+
#
|
1217
|
+
#
|
1218
|
+
# [1]: https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_Repository.html
|
1219
|
+
#
|
1220
|
+
# @note When making an API call, you may pass EcrRepositoryConfiguration
|
1221
|
+
# data as a hash:
|
1222
|
+
#
|
1223
|
+
# {
|
1224
|
+
# repository_policy: "EcrRepositoryPolicy",
|
1225
|
+
# }
|
1226
|
+
#
|
1227
|
+
# @!attribute [rw] repository_policy
|
1228
|
+
# The JSON repository policy text to apply to the Amazon ECR
|
1229
|
+
# repository. For more information, see [Private repository policy
|
1230
|
+
# examples][1] in the *Amazon ECR User Guide*.
|
1231
|
+
#
|
1232
|
+
#
|
1233
|
+
#
|
1234
|
+
# [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html
|
1235
|
+
# @return [String]
|
1236
|
+
#
|
1237
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/EcrRepositoryConfiguration AWS API Documentation
|
1238
|
+
#
|
1239
|
+
class EcrRepositoryConfiguration < Struct.new(
|
1240
|
+
:repository_policy)
|
1241
|
+
SENSITIVE = []
|
1242
|
+
include Aws::Structure
|
1243
|
+
end
|
1244
|
+
|
1245
|
+
# The proposed access control configuration for an Amazon EFS file
|
1246
|
+
# system. You can propose a configuration for a new Amazon EFS file
|
1247
|
+
# system or an existing Amazon EFS file system that you own by
|
1248
|
+
# specifying the Amazon EFS policy. For more information, see [Using
|
1249
|
+
# file systems in Amazon EFS][1].
|
1250
|
+
#
|
1251
|
+
# * If the configuration is for an existing Amazon EFS file system and
|
1252
|
+
# you do not specify the Amazon EFS policy, then the access preview
|
1253
|
+
# uses the existing Amazon EFS policy for the file system.
|
1254
|
+
#
|
1255
|
+
# * If the access preview is for a new resource and you do not specify
|
1256
|
+
# the policy, then the access preview assumes an Amazon EFS file
|
1257
|
+
# system without a policy.
|
1258
|
+
#
|
1259
|
+
# * To propose deletion of an existing Amazon EFS file system policy,
|
1260
|
+
# you can specify an empty string for the Amazon EFS policy.
|
1261
|
+
#
|
1262
|
+
#
|
1263
|
+
#
|
1264
|
+
# [1]: https://docs.aws.amazon.com/efs/latest/ug/using-fs.html
|
1265
|
+
#
|
1266
|
+
# @note When making an API call, you may pass EfsFileSystemConfiguration
|
1267
|
+
# data as a hash:
|
1268
|
+
#
|
1269
|
+
# {
|
1270
|
+
# file_system_policy: "EfsFileSystemPolicy",
|
1271
|
+
# }
|
1272
|
+
#
|
1273
|
+
# @!attribute [rw] file_system_policy
|
1274
|
+
# The JSON policy definition to apply to the Amazon EFS file system.
|
1275
|
+
# For more information on the elements that make up a file system
|
1276
|
+
# policy, see [Amazon EFS Resource-based policies][1].
|
1277
|
+
#
|
1278
|
+
#
|
1279
|
+
#
|
1280
|
+
# [1]: https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies
|
1281
|
+
# @return [String]
|
1282
|
+
#
|
1283
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/EfsFileSystemConfiguration AWS API Documentation
|
1284
|
+
#
|
1285
|
+
class EfsFileSystemConfiguration < Struct.new(
|
1286
|
+
:file_system_policy)
|
1287
|
+
SENSITIVE = []
|
1288
|
+
include Aws::Structure
|
1289
|
+
end
|
1290
|
+
|
1054
1291
|
# Contains information about a finding.
|
1055
1292
|
#
|
1056
1293
|
# @!attribute [rw] id
|
@@ -2086,7 +2323,7 @@ module Aws::AccessAnalyzer
|
|
2086
2323
|
#
|
2087
2324
|
# {
|
2088
2325
|
# analyzer_arn: "AnalyzerArn", # required
|
2089
|
-
# resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret
|
2326
|
+
# resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret, AWS::EFS::FileSystem, AWS::EC2::Snapshot, AWS::ECR::Repository, AWS::RDS::DBSnapshot, AWS::RDS::DBClusterSnapshot, AWS::SNS::Topic
|
2090
2327
|
# next_token: "Token",
|
2091
2328
|
# max_results: 1,
|
2092
2329
|
# }
|
@@ -2604,6 +2841,196 @@ module Aws::AccessAnalyzer
|
|
2604
2841
|
include Aws::Structure
|
2605
2842
|
end
|
2606
2843
|
|
2844
|
+
# The values for a manual Amazon RDS DB cluster snapshot attribute.
|
2845
|
+
#
|
2846
|
+
# @note RdsDbClusterSnapshotAttributeValue is a union - when making an API calls you must set exactly one of the members.
|
2847
|
+
#
|
2848
|
+
# @note RdsDbClusterSnapshotAttributeValue is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of RdsDbClusterSnapshotAttributeValue corresponding to the set member.
|
2849
|
+
#
|
2850
|
+
# @!attribute [rw] account_ids
|
2851
|
+
# The Amazon Web Services account IDs that have access to the manual
|
2852
|
+
# Amazon RDS DB cluster snapshot. If the value `all` is specified,
|
2853
|
+
# then the Amazon RDS DB cluster snapshot is public and can be copied
|
2854
|
+
# or restored by all Amazon Web Services accounts.
|
2855
|
+
#
|
2856
|
+
# * If the configuration is for an existing Amazon RDS DB cluster
|
2857
|
+
# snapshot and you do not specify the `accountIds` in
|
2858
|
+
# `RdsDbClusterSnapshotAttributeValue`, then the access preview uses
|
2859
|
+
# the existing shared `accountIds` for the snapshot.
|
2860
|
+
#
|
2861
|
+
# * If the access preview is for a new resource and you do not specify
|
2862
|
+
# the specify the `accountIds` in
|
2863
|
+
# `RdsDbClusterSnapshotAttributeValue`, then the access preview
|
2864
|
+
# considers the snapshot without any attributes.
|
2865
|
+
#
|
2866
|
+
# * To propose deletion of existing shared `accountIds`, you can
|
2867
|
+
# specify an empty list for `accountIds` in the
|
2868
|
+
# `RdsDbClusterSnapshotAttributeValue`.
|
2869
|
+
# @return [Array<String>]
|
2870
|
+
#
|
2871
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbClusterSnapshotAttributeValue AWS API Documentation
|
2872
|
+
#
|
2873
|
+
class RdsDbClusterSnapshotAttributeValue < Struct.new(
|
2874
|
+
:account_ids,
|
2875
|
+
:unknown)
|
2876
|
+
SENSITIVE = []
|
2877
|
+
include Aws::Structure
|
2878
|
+
include Aws::Structure::Union
|
2879
|
+
|
2880
|
+
class AccountIds < RdsDbClusterSnapshotAttributeValue; end
|
2881
|
+
class Unknown < RdsDbClusterSnapshotAttributeValue; end
|
2882
|
+
end
|
2883
|
+
|
2884
|
+
# The proposed access control configuration for an Amazon RDS DB cluster
|
2885
|
+
# snapshot. You can propose a configuration for a new Amazon RDS DB
|
2886
|
+
# cluster snapshot or an Amazon RDS DB cluster snapshot that you own by
|
2887
|
+
# specifying the `RdsDbClusterSnapshotAttributeValue` and optional KMS
|
2888
|
+
# encryption key. For more information, see
|
2889
|
+
# [ModifyDBClusterSnapshotAttribute][1].
|
2890
|
+
#
|
2891
|
+
#
|
2892
|
+
#
|
2893
|
+
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html
|
2894
|
+
#
|
2895
|
+
# @note When making an API call, you may pass RdsDbClusterSnapshotConfiguration
|
2896
|
+
# data as a hash:
|
2897
|
+
#
|
2898
|
+
# {
|
2899
|
+
# attributes: {
|
2900
|
+
# "RdsDbClusterSnapshotAttributeName" => {
|
2901
|
+
# account_ids: ["RdsDbClusterSnapshotAccountId"],
|
2902
|
+
# },
|
2903
|
+
# },
|
2904
|
+
# kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
|
2905
|
+
# }
|
2906
|
+
#
|
2907
|
+
# @!attribute [rw] attributes
|
2908
|
+
# The names and values of manual DB cluster snapshot attributes.
|
2909
|
+
# Manual DB cluster snapshot attributes are used to authorize other
|
2910
|
+
# Amazon Web Services accounts to restore a manual DB cluster
|
2911
|
+
# snapshot. The only valid value for `AttributeName` for the attribute
|
2912
|
+
# map is `restore`
|
2913
|
+
# @return [Hash<String,Types::RdsDbClusterSnapshotAttributeValue>]
|
2914
|
+
#
|
2915
|
+
# @!attribute [rw] kms_key_id
|
2916
|
+
# The KMS key identifier for an encrypted Amazon RDS DB cluster
|
2917
|
+
# snapshot. The KMS key identifier is the key ARN, key ID, alias ARN,
|
2918
|
+
# or alias name for the KMS key.
|
2919
|
+
#
|
2920
|
+
# * If the configuration is for an existing Amazon RDS DB cluster
|
2921
|
+
# snapshot and you do not specify the `kmsKeyId`, or you specify an
|
2922
|
+
# empty string, then the access preview uses the existing `kmsKeyId`
|
2923
|
+
# of the snapshot.
|
2924
|
+
#
|
2925
|
+
# * If the access preview is for a new resource and you do not specify
|
2926
|
+
# the specify the `kmsKeyId`, then the access preview considers the
|
2927
|
+
# snapshot as unencrypted.
|
2928
|
+
# @return [String]
|
2929
|
+
#
|
2930
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbClusterSnapshotConfiguration AWS API Documentation
|
2931
|
+
#
|
2932
|
+
class RdsDbClusterSnapshotConfiguration < Struct.new(
|
2933
|
+
:attributes,
|
2934
|
+
:kms_key_id)
|
2935
|
+
SENSITIVE = []
|
2936
|
+
include Aws::Structure
|
2937
|
+
end
|
2938
|
+
|
2939
|
+
# The name and values of a manual Amazon RDS DB snapshot attribute.
|
2940
|
+
# Manual DB snapshot attributes are used to authorize other Amazon Web
|
2941
|
+
# Services accounts to restore a manual DB snapshot.
|
2942
|
+
#
|
2943
|
+
# @note RdsDbSnapshotAttributeValue is a union - when making an API calls you must set exactly one of the members.
|
2944
|
+
#
|
2945
|
+
# @note RdsDbSnapshotAttributeValue is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of RdsDbSnapshotAttributeValue corresponding to the set member.
|
2946
|
+
#
|
2947
|
+
# @!attribute [rw] account_ids
|
2948
|
+
# The Amazon Web Services account IDs that have access to the manual
|
2949
|
+
# Amazon RDS DB snapshot. If the value `all` is specified, then the
|
2950
|
+
# Amazon RDS DB snapshot is public and can be copied or restored by
|
2951
|
+
# all Amazon Web Services accounts.
|
2952
|
+
#
|
2953
|
+
# * If the configuration is for an existing Amazon RDS DB snapshot and
|
2954
|
+
# you do not specify the `accountIds` in
|
2955
|
+
# `RdsDbSnapshotAttributeValue`, then the access preview uses the
|
2956
|
+
# existing shared `accountIds` for the snapshot.
|
2957
|
+
#
|
2958
|
+
# * If the access preview is for a new resource and you do not specify
|
2959
|
+
# the specify the `accountIds` in `RdsDbSnapshotAttributeValue`,
|
2960
|
+
# then the access preview considers the snapshot without any
|
2961
|
+
# attributes.
|
2962
|
+
#
|
2963
|
+
# * To propose deletion of an existing shared `accountIds`, you can
|
2964
|
+
# specify an empty list for `accountIds` in the
|
2965
|
+
# `RdsDbSnapshotAttributeValue`.
|
2966
|
+
# @return [Array<String>]
|
2967
|
+
#
|
2968
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbSnapshotAttributeValue AWS API Documentation
|
2969
|
+
#
|
2970
|
+
class RdsDbSnapshotAttributeValue < Struct.new(
|
2971
|
+
:account_ids,
|
2972
|
+
:unknown)
|
2973
|
+
SENSITIVE = []
|
2974
|
+
include Aws::Structure
|
2975
|
+
include Aws::Structure::Union
|
2976
|
+
|
2977
|
+
class AccountIds < RdsDbSnapshotAttributeValue; end
|
2978
|
+
class Unknown < RdsDbSnapshotAttributeValue; end
|
2979
|
+
end
|
2980
|
+
|
2981
|
+
# The proposed access control configuration for an Amazon RDS DB
|
2982
|
+
# snapshot. You can propose a configuration for a new Amazon RDS DB
|
2983
|
+
# snapshot or an Amazon RDS DB snapshot that you own by specifying the
|
2984
|
+
# `RdsDbSnapshotAttributeValue` and optional KMS encryption key. For
|
2985
|
+
# more information, see [ModifyDBSnapshotAttribute][1].
|
2986
|
+
#
|
2987
|
+
#
|
2988
|
+
#
|
2989
|
+
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html
|
2990
|
+
#
|
2991
|
+
# @note When making an API call, you may pass RdsDbSnapshotConfiguration
|
2992
|
+
# data as a hash:
|
2993
|
+
#
|
2994
|
+
# {
|
2995
|
+
# attributes: {
|
2996
|
+
# "RdsDbSnapshotAttributeName" => {
|
2997
|
+
# account_ids: ["RdsDbSnapshotAccountId"],
|
2998
|
+
# },
|
2999
|
+
# },
|
3000
|
+
# kms_key_id: "RdsDbSnapshotKmsKeyId",
|
3001
|
+
# }
|
3002
|
+
#
|
3003
|
+
# @!attribute [rw] attributes
|
3004
|
+
# The names and values of manual DB snapshot attributes. Manual DB
|
3005
|
+
# snapshot attributes are used to authorize other Amazon Web Services
|
3006
|
+
# accounts to restore a manual DB snapshot. The only valid value for
|
3007
|
+
# `attributeName` for the attribute map is restore.
|
3008
|
+
# @return [Hash<String,Types::RdsDbSnapshotAttributeValue>]
|
3009
|
+
#
|
3010
|
+
# @!attribute [rw] kms_key_id
|
3011
|
+
# The KMS key identifier for an encrypted Amazon RDS DB snapshot. The
|
3012
|
+
# KMS key identifier is the key ARN, key ID, alias ARN, or alias name
|
3013
|
+
# for the KMS key.
|
3014
|
+
#
|
3015
|
+
# * If the configuration is for an existing Amazon RDS DB snapshot and
|
3016
|
+
# you do not specify the `kmsKeyId`, or you specify an empty string,
|
3017
|
+
# then the access preview uses the existing `kmsKeyId` of the
|
3018
|
+
# snapshot.
|
3019
|
+
#
|
3020
|
+
# * If the access preview is for a new resource and you do not specify
|
3021
|
+
# the specify the `kmsKeyId`, then the access preview considers the
|
3022
|
+
# snapshot as unencrypted.
|
3023
|
+
# @return [String]
|
3024
|
+
#
|
3025
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbSnapshotConfiguration AWS API Documentation
|
3026
|
+
#
|
3027
|
+
class RdsDbSnapshotConfiguration < Struct.new(
|
3028
|
+
:attributes,
|
3029
|
+
:kms_key_id)
|
3030
|
+
SENSITIVE = []
|
3031
|
+
include Aws::Structure
|
3032
|
+
end
|
3033
|
+
|
2607
3034
|
# The specified resource could not be found.
|
2608
3035
|
#
|
2609
3036
|
# @!attribute [rw] message
|
@@ -2927,6 +3354,47 @@ module Aws::AccessAnalyzer
|
|
2927
3354
|
include Aws::Structure
|
2928
3355
|
end
|
2929
3356
|
|
3357
|
+
# The proposed access control configuration for an Amazon SNS topic. You
|
3358
|
+
# can propose a configuration for a new Amazon SNS topic or an existing
|
3359
|
+
# Amazon SNS topic that you own by specifying the policy. If the
|
3360
|
+
# configuration is for an existing Amazon SNS topic and you do not
|
3361
|
+
# specify the Amazon SNS policy, then the access preview uses the
|
3362
|
+
# existing Amazon SNS policy for the topic. If the access preview is for
|
3363
|
+
# a new resource and you do not specify the policy, then the access
|
3364
|
+
# preview assumes an Amazon SNS topic without a policy. To propose
|
3365
|
+
# deletion of an existing Amazon SNS topic policy, you can specify an
|
3366
|
+
# empty string for the Amazon SNS policy. For more information, see
|
3367
|
+
# [Topic][1].
|
3368
|
+
#
|
3369
|
+
#
|
3370
|
+
#
|
3371
|
+
# [1]: https://docs.aws.amazon.com/sns/latest/api/API_Topic.html
|
3372
|
+
#
|
3373
|
+
# @note When making an API call, you may pass SnsTopicConfiguration
|
3374
|
+
# data as a hash:
|
3375
|
+
#
|
3376
|
+
# {
|
3377
|
+
# topic_policy: "SnsTopicPolicy",
|
3378
|
+
# }
|
3379
|
+
#
|
3380
|
+
# @!attribute [rw] topic_policy
|
3381
|
+
# The JSON policy text that defines who can access an Amazon SNS
|
3382
|
+
# topic. For more information, see [Example cases for Amazon SNS
|
3383
|
+
# access control][1] in the *Amazon SNS Developer Guide*.
|
3384
|
+
#
|
3385
|
+
#
|
3386
|
+
#
|
3387
|
+
# [1]: https://docs.aws.amazon.com/sns/latest/dg/sns-access-policy-use-cases.html
|
3388
|
+
# @return [String]
|
3389
|
+
#
|
3390
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/SnsTopicConfiguration AWS API Documentation
|
3391
|
+
#
|
3392
|
+
class SnsTopicConfiguration < Struct.new(
|
3393
|
+
:topic_policy)
|
3394
|
+
SENSITIVE = []
|
3395
|
+
include Aws::Structure
|
3396
|
+
end
|
3397
|
+
|
2930
3398
|
# The criteria used to sort.
|
2931
3399
|
#
|
2932
3400
|
# @note When making an API call, you may pass SortCriteria
|
@@ -3089,6 +3557,7 @@ module Aws::AccessAnalyzer
|
|
3089
3557
|
# {
|
3090
3558
|
# analyzer_arn: "AnalyzerArn", # required
|
3091
3559
|
# resource_arn: "ResourceArn", # required
|
3560
|
+
# resource_owner_account: "String",
|
3092
3561
|
# }
|
3093
3562
|
#
|
3094
3563
|
# @!attribute [rw] analyzer_arn
|
@@ -3104,11 +3573,18 @@ module Aws::AccessAnalyzer
|
|
3104
3573
|
# The ARN of the resource to scan.
|
3105
3574
|
# @return [String]
|
3106
3575
|
#
|
3576
|
+
# @!attribute [rw] resource_owner_account
|
3577
|
+
# The Amazon Web Services account ID that owns the resource. For most
|
3578
|
+
# Amazon Web Services resources, the owning account is the account in
|
3579
|
+
# which the resource was created.
|
3580
|
+
# @return [String]
|
3581
|
+
#
|
3107
3582
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartResourceScanRequest AWS API Documentation
|
3108
3583
|
#
|
3109
3584
|
class StartResourceScanRequest < Struct.new(
|
3110
3585
|
:analyzer_arn,
|
3111
|
-
:resource_arn
|
3586
|
+
:resource_arn,
|
3587
|
+
:resource_owner_account)
|
3112
3588
|
SENSITIVE = []
|
3113
3589
|
include Aws::Structure
|
3114
3590
|
end
|
@@ -13,9 +13,13 @@ require 'aws-sigv4'
|
|
13
13
|
|
14
14
|
require_relative 'aws-sdk-accessanalyzer/types'
|
15
15
|
require_relative 'aws-sdk-accessanalyzer/client_api'
|
16
|
+
require_relative 'aws-sdk-accessanalyzer/plugins/endpoints.rb'
|
16
17
|
require_relative 'aws-sdk-accessanalyzer/client'
|
17
18
|
require_relative 'aws-sdk-accessanalyzer/errors'
|
18
19
|
require_relative 'aws-sdk-accessanalyzer/resource'
|
20
|
+
require_relative 'aws-sdk-accessanalyzer/endpoint_parameters'
|
21
|
+
require_relative 'aws-sdk-accessanalyzer/endpoint_provider'
|
22
|
+
require_relative 'aws-sdk-accessanalyzer/endpoints'
|
19
23
|
require_relative 'aws-sdk-accessanalyzer/customizations'
|
20
24
|
|
21
25
|
# This module provides support for Access Analyzer. This module is available in the
|
@@ -48,6 +52,6 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
|
|
48
52
|
# @!group service
|
49
53
|
module Aws::AccessAnalyzer
|
50
54
|
|
51
|
-
GEM_VERSION = '1.
|
55
|
+
GEM_VERSION = '1.31.0'
|
52
56
|
|
53
57
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-accessanalyzer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.31.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-10-
|
11
|
+
date: 2022-10-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.165.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.165.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -59,7 +59,11 @@ files:
|
|
59
59
|
- lib/aws-sdk-accessanalyzer/client.rb
|
60
60
|
- lib/aws-sdk-accessanalyzer/client_api.rb
|
61
61
|
- lib/aws-sdk-accessanalyzer/customizations.rb
|
62
|
+
- lib/aws-sdk-accessanalyzer/endpoint_parameters.rb
|
63
|
+
- lib/aws-sdk-accessanalyzer/endpoint_provider.rb
|
64
|
+
- lib/aws-sdk-accessanalyzer/endpoints.rb
|
62
65
|
- lib/aws-sdk-accessanalyzer/errors.rb
|
66
|
+
- lib/aws-sdk-accessanalyzer/plugins/endpoints.rb
|
63
67
|
- lib/aws-sdk-accessanalyzer/resource.rb
|
64
68
|
- lib/aws-sdk-accessanalyzer/types.rb
|
65
69
|
homepage: https://github.com/aws/aws-sdk-ruby
|