aws-sdk-accessanalyzer 1.30.0 → 1.31.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-accessanalyzer/client.rb +78 -9
- data/lib/aws-sdk-accessanalyzer/client_api.rb +88 -1
- data/lib/aws-sdk-accessanalyzer/endpoint_parameters.rb +66 -0
- data/lib/aws-sdk-accessanalyzer/endpoint_provider.rb +112 -0
- data/lib/aws-sdk-accessanalyzer/endpoints.rb +407 -0
- data/lib/aws-sdk-accessanalyzer/plugins/endpoints.rb +124 -0
- data/lib/aws-sdk-accessanalyzer/types.rb +478 -2
- data/lib/aws-sdk-accessanalyzer.rb +5 -1
- metadata +8 -4
@@ -625,14 +625,36 @@ module Aws::AccessAnalyzer
|
|
625
625
|
#
|
626
626
|
# @note Configuration is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of Configuration corresponding to the set member.
|
627
627
|
#
|
628
|
+
# @!attribute [rw] ebs_snapshot
|
629
|
+
# The access control configuration is for an Amazon EBS volume
|
630
|
+
# snapshot.
|
631
|
+
# @return [Types::EbsSnapshotConfiguration]
|
632
|
+
#
|
633
|
+
# @!attribute [rw] ecr_repository
|
634
|
+
# The access control configuration is for an Amazon ECR repository.
|
635
|
+
# @return [Types::EcrRepositoryConfiguration]
|
636
|
+
#
|
628
637
|
# @!attribute [rw] iam_role
|
629
638
|
# The access control configuration is for an IAM role.
|
630
639
|
# @return [Types::IamRoleConfiguration]
|
631
640
|
#
|
641
|
+
# @!attribute [rw] efs_file_system
|
642
|
+
# The access control configuration is for an Amazon EFS file system.
|
643
|
+
# @return [Types::EfsFileSystemConfiguration]
|
644
|
+
#
|
632
645
|
# @!attribute [rw] kms_key
|
633
646
|
# The access control configuration is for a KMS key.
|
634
647
|
# @return [Types::KmsKeyConfiguration]
|
635
648
|
#
|
649
|
+
# @!attribute [rw] rds_db_cluster_snapshot
|
650
|
+
# The access control configuration is for an Amazon RDS DB cluster
|
651
|
+
# snapshot.
|
652
|
+
# @return [Types::RdsDbClusterSnapshotConfiguration]
|
653
|
+
#
|
654
|
+
# @!attribute [rw] rds_db_snapshot
|
655
|
+
# The access control configuration is for an Amazon RDS DB snapshot.
|
656
|
+
# @return [Types::RdsDbSnapshotConfiguration]
|
657
|
+
#
|
636
658
|
# @!attribute [rw] secrets_manager_secret
|
637
659
|
# The access control configuration is for a Secrets Manager secret.
|
638
660
|
# @return [Types::SecretsManagerSecretConfiguration]
|
@@ -641,6 +663,10 @@ module Aws::AccessAnalyzer
|
|
641
663
|
# The access control configuration is for an Amazon S3 Bucket.
|
642
664
|
# @return [Types::S3BucketConfiguration]
|
643
665
|
#
|
666
|
+
# @!attribute [rw] sns_topic
|
667
|
+
# The access control configuration is for an Amazon SNS topic
|
668
|
+
# @return [Types::SnsTopicConfiguration]
|
669
|
+
#
|
644
670
|
# @!attribute [rw] sqs_queue
|
645
671
|
# The access control configuration is for an Amazon SQS queue.
|
646
672
|
# @return [Types::SqsQueueConfiguration]
|
@@ -648,20 +674,32 @@ module Aws::AccessAnalyzer
|
|
648
674
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/Configuration AWS API Documentation
|
649
675
|
#
|
650
676
|
class Configuration < Struct.new(
|
677
|
+
:ebs_snapshot,
|
678
|
+
:ecr_repository,
|
651
679
|
:iam_role,
|
680
|
+
:efs_file_system,
|
652
681
|
:kms_key,
|
682
|
+
:rds_db_cluster_snapshot,
|
683
|
+
:rds_db_snapshot,
|
653
684
|
:secrets_manager_secret,
|
654
685
|
:s3_bucket,
|
686
|
+
:sns_topic,
|
655
687
|
:sqs_queue,
|
656
688
|
:unknown)
|
657
689
|
SENSITIVE = []
|
658
690
|
include Aws::Structure
|
659
691
|
include Aws::Structure::Union
|
660
692
|
|
693
|
+
class EbsSnapshot < Configuration; end
|
694
|
+
class EcrRepository < Configuration; end
|
661
695
|
class IamRole < Configuration; end
|
696
|
+
class EfsFileSystem < Configuration; end
|
662
697
|
class KmsKey < Configuration; end
|
698
|
+
class RdsDbClusterSnapshot < Configuration; end
|
699
|
+
class RdsDbSnapshot < Configuration; end
|
663
700
|
class SecretsManagerSecret < Configuration; end
|
664
701
|
class S3Bucket < Configuration; end
|
702
|
+
class SnsTopic < Configuration; end
|
665
703
|
class SqsQueue < Configuration; end
|
666
704
|
class Unknown < Configuration; end
|
667
705
|
end
|
@@ -696,9 +734,20 @@ module Aws::AccessAnalyzer
|
|
696
734
|
# analyzer_arn: "AnalyzerArn", # required
|
697
735
|
# configurations: { # required
|
698
736
|
# "ConfigurationsMapKey" => {
|
737
|
+
# ebs_snapshot: {
|
738
|
+
# user_ids: ["EbsUserId"],
|
739
|
+
# groups: ["EbsGroup"],
|
740
|
+
# kms_key_id: "EbsSnapshotDataEncryptionKeyId",
|
741
|
+
# },
|
742
|
+
# ecr_repository: {
|
743
|
+
# repository_policy: "EcrRepositoryPolicy",
|
744
|
+
# },
|
699
745
|
# iam_role: {
|
700
746
|
# trust_policy: "IamTrustPolicy",
|
701
747
|
# },
|
748
|
+
# efs_file_system: {
|
749
|
+
# file_system_policy: "EfsFileSystemPolicy",
|
750
|
+
# },
|
702
751
|
# kms_key: {
|
703
752
|
# key_policies: {
|
704
753
|
# "PolicyName" => "KmsKeyPolicy",
|
@@ -720,6 +769,22 @@ module Aws::AccessAnalyzer
|
|
720
769
|
# },
|
721
770
|
# ],
|
722
771
|
# },
|
772
|
+
# rds_db_cluster_snapshot: {
|
773
|
+
# attributes: {
|
774
|
+
# "RdsDbClusterSnapshotAttributeName" => {
|
775
|
+
# account_ids: ["RdsDbClusterSnapshotAccountId"],
|
776
|
+
# },
|
777
|
+
# },
|
778
|
+
# kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
|
779
|
+
# },
|
780
|
+
# rds_db_snapshot: {
|
781
|
+
# attributes: {
|
782
|
+
# "RdsDbSnapshotAttributeName" => {
|
783
|
+
# account_ids: ["RdsDbSnapshotAccountId"],
|
784
|
+
# },
|
785
|
+
# },
|
786
|
+
# kms_key_id: "RdsDbSnapshotKmsKeyId",
|
787
|
+
# },
|
723
788
|
# secrets_manager_secret: {
|
724
789
|
# kms_key_id: "SecretsManagerSecretKmsId",
|
725
790
|
# secret_policy: "SecretsManagerSecretPolicy",
|
@@ -756,6 +821,9 @@ module Aws::AccessAnalyzer
|
|
756
821
|
# },
|
757
822
|
# },
|
758
823
|
# },
|
824
|
+
# sns_topic: {
|
825
|
+
# topic_policy: "SnsTopicPolicy",
|
826
|
+
# },
|
759
827
|
# sqs_queue: {
|
760
828
|
# queue_policy: "SqsQueuePolicy",
|
761
829
|
# },
|
@@ -1051,6 +1119,175 @@ module Aws::AccessAnalyzer
|
|
1051
1119
|
include Aws::Structure
|
1052
1120
|
end
|
1053
1121
|
|
1122
|
+
# The proposed access control configuration for an Amazon EBS volume
|
1123
|
+
# snapshot. You can propose a configuration for a new Amazon EBS volume
|
1124
|
+
# snapshot or an Amazon EBS volume snapshot that you own by specifying
|
1125
|
+
# the user IDs, groups, and optional KMS encryption key. For more
|
1126
|
+
# information, see [ModifySnapshotAttribute][1].
|
1127
|
+
#
|
1128
|
+
#
|
1129
|
+
#
|
1130
|
+
# [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html
|
1131
|
+
#
|
1132
|
+
# @note When making an API call, you may pass EbsSnapshotConfiguration
|
1133
|
+
# data as a hash:
|
1134
|
+
#
|
1135
|
+
# {
|
1136
|
+
# user_ids: ["EbsUserId"],
|
1137
|
+
# groups: ["EbsGroup"],
|
1138
|
+
# kms_key_id: "EbsSnapshotDataEncryptionKeyId",
|
1139
|
+
# }
|
1140
|
+
#
|
1141
|
+
# @!attribute [rw] user_ids
|
1142
|
+
# The IDs of the Amazon Web Services accounts that have access to the
|
1143
|
+
# Amazon EBS volume snapshot.
|
1144
|
+
#
|
1145
|
+
# * If the configuration is for an existing Amazon EBS volume snapshot
|
1146
|
+
# and you do not specify the `userIds`, then the access preview uses
|
1147
|
+
# the existing shared `userIds` for the snapshot.
|
1148
|
+
#
|
1149
|
+
# * If the access preview is for a new resource and you do not specify
|
1150
|
+
# the `userIds`, then the access preview considers the snapshot
|
1151
|
+
# without any `userIds`.
|
1152
|
+
#
|
1153
|
+
# * To propose deletion of existing shared `accountIds`, you can
|
1154
|
+
# specify an empty list for `userIds`.
|
1155
|
+
# @return [Array<String>]
|
1156
|
+
#
|
1157
|
+
# @!attribute [rw] groups
|
1158
|
+
# The groups that have access to the Amazon EBS volume snapshot. If
|
1159
|
+
# the value `all` is specified, then the Amazon EBS volume snapshot is
|
1160
|
+
# public.
|
1161
|
+
#
|
1162
|
+
# * If the configuration is for an existing Amazon EBS volume snapshot
|
1163
|
+
# and you do not specify the `groups`, then the access preview uses
|
1164
|
+
# the existing shared `groups` for the snapshot.
|
1165
|
+
#
|
1166
|
+
# * If the access preview is for a new resource and you do not specify
|
1167
|
+
# the `groups`, then the access preview considers the snapshot
|
1168
|
+
# without any `groups`.
|
1169
|
+
#
|
1170
|
+
# * To propose deletion of existing shared `groups`, you can specify
|
1171
|
+
# an empty list for `groups`.
|
1172
|
+
# @return [Array<String>]
|
1173
|
+
#
|
1174
|
+
# @!attribute [rw] kms_key_id
|
1175
|
+
# The KMS key identifier for an encrypted Amazon EBS volume snapshot.
|
1176
|
+
# The KMS key identifier is the key ARN, key ID, alias ARN, or alias
|
1177
|
+
# name for the KMS key.
|
1178
|
+
#
|
1179
|
+
# * If the configuration is for an existing Amazon EBS volume snapshot
|
1180
|
+
# and you do not specify the `kmsKeyId`, or you specify an empty
|
1181
|
+
# string, then the access preview uses the existing `kmsKeyId` of
|
1182
|
+
# the snapshot.
|
1183
|
+
#
|
1184
|
+
# * If the access preview is for a new resource and you do not specify
|
1185
|
+
# the `kmsKeyId`, the access preview considers the snapshot as
|
1186
|
+
# unencrypted.
|
1187
|
+
# @return [String]
|
1188
|
+
#
|
1189
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/EbsSnapshotConfiguration AWS API Documentation
|
1190
|
+
#
|
1191
|
+
class EbsSnapshotConfiguration < Struct.new(
|
1192
|
+
:user_ids,
|
1193
|
+
:groups,
|
1194
|
+
:kms_key_id)
|
1195
|
+
SENSITIVE = []
|
1196
|
+
include Aws::Structure
|
1197
|
+
end
|
1198
|
+
|
1199
|
+
# The proposed access control configuration for an Amazon ECR
|
1200
|
+
# repository. You can propose a configuration for a new Amazon ECR
|
1201
|
+
# repository or an existing Amazon ECR repository that you own by
|
1202
|
+
# specifying the Amazon ECR policy. For more information, see
|
1203
|
+
# [Repository][1].
|
1204
|
+
#
|
1205
|
+
# * If the configuration is for an existing Amazon ECR repository and
|
1206
|
+
# you do not specify the Amazon ECR policy, then the access preview
|
1207
|
+
# uses the existing Amazon ECR policy for the repository.
|
1208
|
+
#
|
1209
|
+
# * If the access preview is for a new resource and you do not specify
|
1210
|
+
# the policy, then the access preview assumes an Amazon ECR repository
|
1211
|
+
# without a policy.
|
1212
|
+
#
|
1213
|
+
# * To propose deletion of an existing Amazon ECR repository policy, you
|
1214
|
+
# can specify an empty string for the Amazon ECR policy.
|
1215
|
+
#
|
1216
|
+
#
|
1217
|
+
#
|
1218
|
+
# [1]: https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_Repository.html
|
1219
|
+
#
|
1220
|
+
# @note When making an API call, you may pass EcrRepositoryConfiguration
|
1221
|
+
# data as a hash:
|
1222
|
+
#
|
1223
|
+
# {
|
1224
|
+
# repository_policy: "EcrRepositoryPolicy",
|
1225
|
+
# }
|
1226
|
+
#
|
1227
|
+
# @!attribute [rw] repository_policy
|
1228
|
+
# The JSON repository policy text to apply to the Amazon ECR
|
1229
|
+
# repository. For more information, see [Private repository policy
|
1230
|
+
# examples][1] in the *Amazon ECR User Guide*.
|
1231
|
+
#
|
1232
|
+
#
|
1233
|
+
#
|
1234
|
+
# [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html
|
1235
|
+
# @return [String]
|
1236
|
+
#
|
1237
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/EcrRepositoryConfiguration AWS API Documentation
|
1238
|
+
#
|
1239
|
+
class EcrRepositoryConfiguration < Struct.new(
|
1240
|
+
:repository_policy)
|
1241
|
+
SENSITIVE = []
|
1242
|
+
include Aws::Structure
|
1243
|
+
end
|
1244
|
+
|
1245
|
+
# The proposed access control configuration for an Amazon EFS file
|
1246
|
+
# system. You can propose a configuration for a new Amazon EFS file
|
1247
|
+
# system or an existing Amazon EFS file system that you own by
|
1248
|
+
# specifying the Amazon EFS policy. For more information, see [Using
|
1249
|
+
# file systems in Amazon EFS][1].
|
1250
|
+
#
|
1251
|
+
# * If the configuration is for an existing Amazon EFS file system and
|
1252
|
+
# you do not specify the Amazon EFS policy, then the access preview
|
1253
|
+
# uses the existing Amazon EFS policy for the file system.
|
1254
|
+
#
|
1255
|
+
# * If the access preview is for a new resource and you do not specify
|
1256
|
+
# the policy, then the access preview assumes an Amazon EFS file
|
1257
|
+
# system without a policy.
|
1258
|
+
#
|
1259
|
+
# * To propose deletion of an existing Amazon EFS file system policy,
|
1260
|
+
# you can specify an empty string for the Amazon EFS policy.
|
1261
|
+
#
|
1262
|
+
#
|
1263
|
+
#
|
1264
|
+
# [1]: https://docs.aws.amazon.com/efs/latest/ug/using-fs.html
|
1265
|
+
#
|
1266
|
+
# @note When making an API call, you may pass EfsFileSystemConfiguration
|
1267
|
+
# data as a hash:
|
1268
|
+
#
|
1269
|
+
# {
|
1270
|
+
# file_system_policy: "EfsFileSystemPolicy",
|
1271
|
+
# }
|
1272
|
+
#
|
1273
|
+
# @!attribute [rw] file_system_policy
|
1274
|
+
# The JSON policy definition to apply to the Amazon EFS file system.
|
1275
|
+
# For more information on the elements that make up a file system
|
1276
|
+
# policy, see [Amazon EFS Resource-based policies][1].
|
1277
|
+
#
|
1278
|
+
#
|
1279
|
+
#
|
1280
|
+
# [1]: https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies
|
1281
|
+
# @return [String]
|
1282
|
+
#
|
1283
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/EfsFileSystemConfiguration AWS API Documentation
|
1284
|
+
#
|
1285
|
+
class EfsFileSystemConfiguration < Struct.new(
|
1286
|
+
:file_system_policy)
|
1287
|
+
SENSITIVE = []
|
1288
|
+
include Aws::Structure
|
1289
|
+
end
|
1290
|
+
|
1054
1291
|
# Contains information about a finding.
|
1055
1292
|
#
|
1056
1293
|
# @!attribute [rw] id
|
@@ -2086,7 +2323,7 @@ module Aws::AccessAnalyzer
|
|
2086
2323
|
#
|
2087
2324
|
# {
|
2088
2325
|
# analyzer_arn: "AnalyzerArn", # required
|
2089
|
-
# resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret
|
2326
|
+
# resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret, AWS::EFS::FileSystem, AWS::EC2::Snapshot, AWS::ECR::Repository, AWS::RDS::DBSnapshot, AWS::RDS::DBClusterSnapshot, AWS::SNS::Topic
|
2090
2327
|
# next_token: "Token",
|
2091
2328
|
# max_results: 1,
|
2092
2329
|
# }
|
@@ -2604,6 +2841,196 @@ module Aws::AccessAnalyzer
|
|
2604
2841
|
include Aws::Structure
|
2605
2842
|
end
|
2606
2843
|
|
2844
|
+
# The values for a manual Amazon RDS DB cluster snapshot attribute.
|
2845
|
+
#
|
2846
|
+
# @note RdsDbClusterSnapshotAttributeValue is a union - when making an API calls you must set exactly one of the members.
|
2847
|
+
#
|
2848
|
+
# @note RdsDbClusterSnapshotAttributeValue is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of RdsDbClusterSnapshotAttributeValue corresponding to the set member.
|
2849
|
+
#
|
2850
|
+
# @!attribute [rw] account_ids
|
2851
|
+
# The Amazon Web Services account IDs that have access to the manual
|
2852
|
+
# Amazon RDS DB cluster snapshot. If the value `all` is specified,
|
2853
|
+
# then the Amazon RDS DB cluster snapshot is public and can be copied
|
2854
|
+
# or restored by all Amazon Web Services accounts.
|
2855
|
+
#
|
2856
|
+
# * If the configuration is for an existing Amazon RDS DB cluster
|
2857
|
+
# snapshot and you do not specify the `accountIds` in
|
2858
|
+
# `RdsDbClusterSnapshotAttributeValue`, then the access preview uses
|
2859
|
+
# the existing shared `accountIds` for the snapshot.
|
2860
|
+
#
|
2861
|
+
# * If the access preview is for a new resource and you do not specify
|
2862
|
+
# the specify the `accountIds` in
|
2863
|
+
# `RdsDbClusterSnapshotAttributeValue`, then the access preview
|
2864
|
+
# considers the snapshot without any attributes.
|
2865
|
+
#
|
2866
|
+
# * To propose deletion of existing shared `accountIds`, you can
|
2867
|
+
# specify an empty list for `accountIds` in the
|
2868
|
+
# `RdsDbClusterSnapshotAttributeValue`.
|
2869
|
+
# @return [Array<String>]
|
2870
|
+
#
|
2871
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbClusterSnapshotAttributeValue AWS API Documentation
|
2872
|
+
#
|
2873
|
+
class RdsDbClusterSnapshotAttributeValue < Struct.new(
|
2874
|
+
:account_ids,
|
2875
|
+
:unknown)
|
2876
|
+
SENSITIVE = []
|
2877
|
+
include Aws::Structure
|
2878
|
+
include Aws::Structure::Union
|
2879
|
+
|
2880
|
+
class AccountIds < RdsDbClusterSnapshotAttributeValue; end
|
2881
|
+
class Unknown < RdsDbClusterSnapshotAttributeValue; end
|
2882
|
+
end
|
2883
|
+
|
2884
|
+
# The proposed access control configuration for an Amazon RDS DB cluster
|
2885
|
+
# snapshot. You can propose a configuration for a new Amazon RDS DB
|
2886
|
+
# cluster snapshot or an Amazon RDS DB cluster snapshot that you own by
|
2887
|
+
# specifying the `RdsDbClusterSnapshotAttributeValue` and optional KMS
|
2888
|
+
# encryption key. For more information, see
|
2889
|
+
# [ModifyDBClusterSnapshotAttribute][1].
|
2890
|
+
#
|
2891
|
+
#
|
2892
|
+
#
|
2893
|
+
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html
|
2894
|
+
#
|
2895
|
+
# @note When making an API call, you may pass RdsDbClusterSnapshotConfiguration
|
2896
|
+
# data as a hash:
|
2897
|
+
#
|
2898
|
+
# {
|
2899
|
+
# attributes: {
|
2900
|
+
# "RdsDbClusterSnapshotAttributeName" => {
|
2901
|
+
# account_ids: ["RdsDbClusterSnapshotAccountId"],
|
2902
|
+
# },
|
2903
|
+
# },
|
2904
|
+
# kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
|
2905
|
+
# }
|
2906
|
+
#
|
2907
|
+
# @!attribute [rw] attributes
|
2908
|
+
# The names and values of manual DB cluster snapshot attributes.
|
2909
|
+
# Manual DB cluster snapshot attributes are used to authorize other
|
2910
|
+
# Amazon Web Services accounts to restore a manual DB cluster
|
2911
|
+
# snapshot. The only valid value for `AttributeName` for the attribute
|
2912
|
+
# map is `restore`
|
2913
|
+
# @return [Hash<String,Types::RdsDbClusterSnapshotAttributeValue>]
|
2914
|
+
#
|
2915
|
+
# @!attribute [rw] kms_key_id
|
2916
|
+
# The KMS key identifier for an encrypted Amazon RDS DB cluster
|
2917
|
+
# snapshot. The KMS key identifier is the key ARN, key ID, alias ARN,
|
2918
|
+
# or alias name for the KMS key.
|
2919
|
+
#
|
2920
|
+
# * If the configuration is for an existing Amazon RDS DB cluster
|
2921
|
+
# snapshot and you do not specify the `kmsKeyId`, or you specify an
|
2922
|
+
# empty string, then the access preview uses the existing `kmsKeyId`
|
2923
|
+
# of the snapshot.
|
2924
|
+
#
|
2925
|
+
# * If the access preview is for a new resource and you do not specify
|
2926
|
+
# the specify the `kmsKeyId`, then the access preview considers the
|
2927
|
+
# snapshot as unencrypted.
|
2928
|
+
# @return [String]
|
2929
|
+
#
|
2930
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbClusterSnapshotConfiguration AWS API Documentation
|
2931
|
+
#
|
2932
|
+
class RdsDbClusterSnapshotConfiguration < Struct.new(
|
2933
|
+
:attributes,
|
2934
|
+
:kms_key_id)
|
2935
|
+
SENSITIVE = []
|
2936
|
+
include Aws::Structure
|
2937
|
+
end
|
2938
|
+
|
2939
|
+
# The name and values of a manual Amazon RDS DB snapshot attribute.
|
2940
|
+
# Manual DB snapshot attributes are used to authorize other Amazon Web
|
2941
|
+
# Services accounts to restore a manual DB snapshot.
|
2942
|
+
#
|
2943
|
+
# @note RdsDbSnapshotAttributeValue is a union - when making an API calls you must set exactly one of the members.
|
2944
|
+
#
|
2945
|
+
# @note RdsDbSnapshotAttributeValue is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of RdsDbSnapshotAttributeValue corresponding to the set member.
|
2946
|
+
#
|
2947
|
+
# @!attribute [rw] account_ids
|
2948
|
+
# The Amazon Web Services account IDs that have access to the manual
|
2949
|
+
# Amazon RDS DB snapshot. If the value `all` is specified, then the
|
2950
|
+
# Amazon RDS DB snapshot is public and can be copied or restored by
|
2951
|
+
# all Amazon Web Services accounts.
|
2952
|
+
#
|
2953
|
+
# * If the configuration is for an existing Amazon RDS DB snapshot and
|
2954
|
+
# you do not specify the `accountIds` in
|
2955
|
+
# `RdsDbSnapshotAttributeValue`, then the access preview uses the
|
2956
|
+
# existing shared `accountIds` for the snapshot.
|
2957
|
+
#
|
2958
|
+
# * If the access preview is for a new resource and you do not specify
|
2959
|
+
# the specify the `accountIds` in `RdsDbSnapshotAttributeValue`,
|
2960
|
+
# then the access preview considers the snapshot without any
|
2961
|
+
# attributes.
|
2962
|
+
#
|
2963
|
+
# * To propose deletion of an existing shared `accountIds`, you can
|
2964
|
+
# specify an empty list for `accountIds` in the
|
2965
|
+
# `RdsDbSnapshotAttributeValue`.
|
2966
|
+
# @return [Array<String>]
|
2967
|
+
#
|
2968
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbSnapshotAttributeValue AWS API Documentation
|
2969
|
+
#
|
2970
|
+
class RdsDbSnapshotAttributeValue < Struct.new(
|
2971
|
+
:account_ids,
|
2972
|
+
:unknown)
|
2973
|
+
SENSITIVE = []
|
2974
|
+
include Aws::Structure
|
2975
|
+
include Aws::Structure::Union
|
2976
|
+
|
2977
|
+
class AccountIds < RdsDbSnapshotAttributeValue; end
|
2978
|
+
class Unknown < RdsDbSnapshotAttributeValue; end
|
2979
|
+
end
|
2980
|
+
|
2981
|
+
# The proposed access control configuration for an Amazon RDS DB
|
2982
|
+
# snapshot. You can propose a configuration for a new Amazon RDS DB
|
2983
|
+
# snapshot or an Amazon RDS DB snapshot that you own by specifying the
|
2984
|
+
# `RdsDbSnapshotAttributeValue` and optional KMS encryption key. For
|
2985
|
+
# more information, see [ModifyDBSnapshotAttribute][1].
|
2986
|
+
#
|
2987
|
+
#
|
2988
|
+
#
|
2989
|
+
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html
|
2990
|
+
#
|
2991
|
+
# @note When making an API call, you may pass RdsDbSnapshotConfiguration
|
2992
|
+
# data as a hash:
|
2993
|
+
#
|
2994
|
+
# {
|
2995
|
+
# attributes: {
|
2996
|
+
# "RdsDbSnapshotAttributeName" => {
|
2997
|
+
# account_ids: ["RdsDbSnapshotAccountId"],
|
2998
|
+
# },
|
2999
|
+
# },
|
3000
|
+
# kms_key_id: "RdsDbSnapshotKmsKeyId",
|
3001
|
+
# }
|
3002
|
+
#
|
3003
|
+
# @!attribute [rw] attributes
|
3004
|
+
# The names and values of manual DB snapshot attributes. Manual DB
|
3005
|
+
# snapshot attributes are used to authorize other Amazon Web Services
|
3006
|
+
# accounts to restore a manual DB snapshot. The only valid value for
|
3007
|
+
# `attributeName` for the attribute map is restore.
|
3008
|
+
# @return [Hash<String,Types::RdsDbSnapshotAttributeValue>]
|
3009
|
+
#
|
3010
|
+
# @!attribute [rw] kms_key_id
|
3011
|
+
# The KMS key identifier for an encrypted Amazon RDS DB snapshot. The
|
3012
|
+
# KMS key identifier is the key ARN, key ID, alias ARN, or alias name
|
3013
|
+
# for the KMS key.
|
3014
|
+
#
|
3015
|
+
# * If the configuration is for an existing Amazon RDS DB snapshot and
|
3016
|
+
# you do not specify the `kmsKeyId`, or you specify an empty string,
|
3017
|
+
# then the access preview uses the existing `kmsKeyId` of the
|
3018
|
+
# snapshot.
|
3019
|
+
#
|
3020
|
+
# * If the access preview is for a new resource and you do not specify
|
3021
|
+
# the specify the `kmsKeyId`, then the access preview considers the
|
3022
|
+
# snapshot as unencrypted.
|
3023
|
+
# @return [String]
|
3024
|
+
#
|
3025
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/RdsDbSnapshotConfiguration AWS API Documentation
|
3026
|
+
#
|
3027
|
+
class RdsDbSnapshotConfiguration < Struct.new(
|
3028
|
+
:attributes,
|
3029
|
+
:kms_key_id)
|
3030
|
+
SENSITIVE = []
|
3031
|
+
include Aws::Structure
|
3032
|
+
end
|
3033
|
+
|
2607
3034
|
# The specified resource could not be found.
|
2608
3035
|
#
|
2609
3036
|
# @!attribute [rw] message
|
@@ -2927,6 +3354,47 @@ module Aws::AccessAnalyzer
|
|
2927
3354
|
include Aws::Structure
|
2928
3355
|
end
|
2929
3356
|
|
3357
|
+
# The proposed access control configuration for an Amazon SNS topic. You
|
3358
|
+
# can propose a configuration for a new Amazon SNS topic or an existing
|
3359
|
+
# Amazon SNS topic that you own by specifying the policy. If the
|
3360
|
+
# configuration is for an existing Amazon SNS topic and you do not
|
3361
|
+
# specify the Amazon SNS policy, then the access preview uses the
|
3362
|
+
# existing Amazon SNS policy for the topic. If the access preview is for
|
3363
|
+
# a new resource and you do not specify the policy, then the access
|
3364
|
+
# preview assumes an Amazon SNS topic without a policy. To propose
|
3365
|
+
# deletion of an existing Amazon SNS topic policy, you can specify an
|
3366
|
+
# empty string for the Amazon SNS policy. For more information, see
|
3367
|
+
# [Topic][1].
|
3368
|
+
#
|
3369
|
+
#
|
3370
|
+
#
|
3371
|
+
# [1]: https://docs.aws.amazon.com/sns/latest/api/API_Topic.html
|
3372
|
+
#
|
3373
|
+
# @note When making an API call, you may pass SnsTopicConfiguration
|
3374
|
+
# data as a hash:
|
3375
|
+
#
|
3376
|
+
# {
|
3377
|
+
# topic_policy: "SnsTopicPolicy",
|
3378
|
+
# }
|
3379
|
+
#
|
3380
|
+
# @!attribute [rw] topic_policy
|
3381
|
+
# The JSON policy text that defines who can access an Amazon SNS
|
3382
|
+
# topic. For more information, see [Example cases for Amazon SNS
|
3383
|
+
# access control][1] in the *Amazon SNS Developer Guide*.
|
3384
|
+
#
|
3385
|
+
#
|
3386
|
+
#
|
3387
|
+
# [1]: https://docs.aws.amazon.com/sns/latest/dg/sns-access-policy-use-cases.html
|
3388
|
+
# @return [String]
|
3389
|
+
#
|
3390
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/SnsTopicConfiguration AWS API Documentation
|
3391
|
+
#
|
3392
|
+
class SnsTopicConfiguration < Struct.new(
|
3393
|
+
:topic_policy)
|
3394
|
+
SENSITIVE = []
|
3395
|
+
include Aws::Structure
|
3396
|
+
end
|
3397
|
+
|
2930
3398
|
# The criteria used to sort.
|
2931
3399
|
#
|
2932
3400
|
# @note When making an API call, you may pass SortCriteria
|
@@ -3089,6 +3557,7 @@ module Aws::AccessAnalyzer
|
|
3089
3557
|
# {
|
3090
3558
|
# analyzer_arn: "AnalyzerArn", # required
|
3091
3559
|
# resource_arn: "ResourceArn", # required
|
3560
|
+
# resource_owner_account: "String",
|
3092
3561
|
# }
|
3093
3562
|
#
|
3094
3563
|
# @!attribute [rw] analyzer_arn
|
@@ -3104,11 +3573,18 @@ module Aws::AccessAnalyzer
|
|
3104
3573
|
# The ARN of the resource to scan.
|
3105
3574
|
# @return [String]
|
3106
3575
|
#
|
3576
|
+
# @!attribute [rw] resource_owner_account
|
3577
|
+
# The Amazon Web Services account ID that owns the resource. For most
|
3578
|
+
# Amazon Web Services resources, the owning account is the account in
|
3579
|
+
# which the resource was created.
|
3580
|
+
# @return [String]
|
3581
|
+
#
|
3107
3582
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartResourceScanRequest AWS API Documentation
|
3108
3583
|
#
|
3109
3584
|
class StartResourceScanRequest < Struct.new(
|
3110
3585
|
:analyzer_arn,
|
3111
|
-
:resource_arn
|
3586
|
+
:resource_arn,
|
3587
|
+
:resource_owner_account)
|
3112
3588
|
SENSITIVE = []
|
3113
3589
|
include Aws::Structure
|
3114
3590
|
end
|
@@ -13,9 +13,13 @@ require 'aws-sigv4'
|
|
13
13
|
|
14
14
|
require_relative 'aws-sdk-accessanalyzer/types'
|
15
15
|
require_relative 'aws-sdk-accessanalyzer/client_api'
|
16
|
+
require_relative 'aws-sdk-accessanalyzer/plugins/endpoints.rb'
|
16
17
|
require_relative 'aws-sdk-accessanalyzer/client'
|
17
18
|
require_relative 'aws-sdk-accessanalyzer/errors'
|
18
19
|
require_relative 'aws-sdk-accessanalyzer/resource'
|
20
|
+
require_relative 'aws-sdk-accessanalyzer/endpoint_parameters'
|
21
|
+
require_relative 'aws-sdk-accessanalyzer/endpoint_provider'
|
22
|
+
require_relative 'aws-sdk-accessanalyzer/endpoints'
|
19
23
|
require_relative 'aws-sdk-accessanalyzer/customizations'
|
20
24
|
|
21
25
|
# This module provides support for Access Analyzer. This module is available in the
|
@@ -48,6 +52,6 @@ require_relative 'aws-sdk-accessanalyzer/customizations'
|
|
48
52
|
# @!group service
|
49
53
|
module Aws::AccessAnalyzer
|
50
54
|
|
51
|
-
GEM_VERSION = '1.
|
55
|
+
GEM_VERSION = '1.31.0'
|
52
56
|
|
53
57
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-accessanalyzer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.31.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-10-
|
11
|
+
date: 2022-10-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.165.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.165.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -59,7 +59,11 @@ files:
|
|
59
59
|
- lib/aws-sdk-accessanalyzer/client.rb
|
60
60
|
- lib/aws-sdk-accessanalyzer/client_api.rb
|
61
61
|
- lib/aws-sdk-accessanalyzer/customizations.rb
|
62
|
+
- lib/aws-sdk-accessanalyzer/endpoint_parameters.rb
|
63
|
+
- lib/aws-sdk-accessanalyzer/endpoint_provider.rb
|
64
|
+
- lib/aws-sdk-accessanalyzer/endpoints.rb
|
62
65
|
- lib/aws-sdk-accessanalyzer/errors.rb
|
66
|
+
- lib/aws-sdk-accessanalyzer/plugins/endpoints.rb
|
63
67
|
- lib/aws-sdk-accessanalyzer/resource.rb
|
64
68
|
- lib/aws-sdk-accessanalyzer/types.rb
|
65
69
|
homepage: https://github.com/aws/aws-sdk-ruby
|