aws-sdk-accessanalyzer 1.31.0 → 1.33.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -1
- data/VERSION +1 -1
- data/lib/aws-sdk-accessanalyzer/client.rb +7 -4
- data/lib/aws-sdk-accessanalyzer/client_api.rb +2 -1
- data/lib/aws-sdk-accessanalyzer/endpoint_parameters.rb +3 -0
- data/lib/aws-sdk-accessanalyzer/endpoint_provider.rb +35 -96
- data/lib/aws-sdk-accessanalyzer/types.rb +12 -685
- data/lib/aws-sdk-accessanalyzer.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fd1f3f9521514014252024f70752ecce355e1686eca51cda613f284972bde774
|
4
|
+
data.tar.gz: f24fc573a9bebd1fc74e7e2b5051881b45eb73498c491b2578d5ceb54e596050
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b0a478d564a9b591d4325b31f0b59d0f3d9af88108fbfdbb2279cb2384a7094b8f344c7bbd41bcd8c0a4b8120b1d23781085780862209e34586d461caefa2e68
|
7
|
+
data.tar.gz: 449c68e1a77c18650d7a580cfa437091d9f87701fd04853e3a07b024807c79dae5ead30068f6ee5398f182ae956a5fa16d43a9b0c6a74076e89b6b4114422962
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,18 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.33.0 (2023-01-18)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
8
|
+
|
9
|
+
* Issue - Replace runtime endpoint resolution approach with generated ruby code.
|
10
|
+
|
11
|
+
1.32.0 (2022-11-30)
|
12
|
+
------------------
|
13
|
+
|
14
|
+
* Feature - This release adds support for S3 cross account access points. IAM Access Analyzer will now produce public or cross account findings when it detects bucket delegation to external account access points.
|
15
|
+
|
4
16
|
1.31.0 (2022-10-25)
|
5
17
|
------------------
|
6
18
|
|
@@ -171,4 +183,4 @@ Unreleased Changes
|
|
171
183
|
1.0.0 (2019-12-02)
|
172
184
|
------------------
|
173
185
|
|
174
|
-
* Feature - Initial release of `aws-sdk-accessanalyzer`.
|
186
|
+
* Feature - Initial release of `aws-sdk-accessanalyzer`.
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.33.0
|
@@ -1021,8 +1021,9 @@ module Aws::AccessAnalyzer
|
|
1021
1021
|
# resp.finding.resource_owner_account #=> String
|
1022
1022
|
# resp.finding.error #=> String
|
1023
1023
|
# resp.finding.sources #=> Array
|
1024
|
-
# resp.finding.sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
|
1024
|
+
# resp.finding.sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT", "S3_ACCESS_POINT_ACCOUNT"
|
1025
1025
|
# resp.finding.sources[0].detail.access_point_arn #=> String
|
1026
|
+
# resp.finding.sources[0].detail.access_point_account #=> String
|
1026
1027
|
#
|
1027
1028
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFinding AWS API Documentation
|
1028
1029
|
#
|
@@ -1167,8 +1168,9 @@ module Aws::AccessAnalyzer
|
|
1167
1168
|
# resp.findings[0].resource_owner_account #=> String
|
1168
1169
|
# resp.findings[0].error #=> String
|
1169
1170
|
# resp.findings[0].sources #=> Array
|
1170
|
-
# resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
|
1171
|
+
# resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT", "S3_ACCESS_POINT_ACCOUNT"
|
1171
1172
|
# resp.findings[0].sources[0].detail.access_point_arn #=> String
|
1173
|
+
# resp.findings[0].sources[0].detail.access_point_account #=> String
|
1172
1174
|
# resp.next_token #=> String
|
1173
1175
|
#
|
1174
1176
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviewFindings AWS API Documentation
|
@@ -1459,8 +1461,9 @@ module Aws::AccessAnalyzer
|
|
1459
1461
|
# resp.findings[0].resource_owner_account #=> String
|
1460
1462
|
# resp.findings[0].error #=> String
|
1461
1463
|
# resp.findings[0].sources #=> Array
|
1462
|
-
# resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT"
|
1464
|
+
# resp.findings[0].sources[0].type #=> String, one of "POLICY", "BUCKET_ACL", "S3_ACCESS_POINT", "S3_ACCESS_POINT_ACCOUNT"
|
1463
1465
|
# resp.findings[0].sources[0].detail.access_point_arn #=> String
|
1466
|
+
# resp.findings[0].sources[0].detail.access_point_account #=> String
|
1464
1467
|
# resp.next_token #=> String
|
1465
1468
|
#
|
1466
1469
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindings AWS API Documentation
|
@@ -1899,7 +1902,7 @@ module Aws::AccessAnalyzer
|
|
1899
1902
|
params: params,
|
1900
1903
|
config: config)
|
1901
1904
|
context[:gem_name] = 'aws-sdk-accessanalyzer'
|
1902
|
-
context[:gem_version] = '1.
|
1905
|
+
context[:gem_version] = '1.33.0'
|
1903
1906
|
Seahorse::Client::Request.new(handlers, context)
|
1904
1907
|
end
|
1905
1908
|
|
@@ -466,6 +466,7 @@ module Aws::AccessAnalyzer
|
|
466
466
|
FindingSource.struct_class = Types::FindingSource
|
467
467
|
|
468
468
|
FindingSourceDetail.add_member(:access_point_arn, Shapes::ShapeRef.new(shape: String, location_name: "accessPointArn"))
|
469
|
+
FindingSourceDetail.add_member(:access_point_account, Shapes::ShapeRef.new(shape: String, location_name: "accessPointAccount"))
|
469
470
|
FindingSourceDetail.struct_class = Types::FindingSourceDetail
|
470
471
|
|
471
472
|
FindingSourceList.member = Shapes::ShapeRef.new(shape: FindingSource)
|
@@ -684,7 +685,7 @@ module Aws::AccessAnalyzer
|
|
684
685
|
NetworkOriginConfiguration.add_member_subclass(:unknown, Types::NetworkOriginConfiguration::Unknown)
|
685
686
|
NetworkOriginConfiguration.struct_class = Types::NetworkOriginConfiguration
|
686
687
|
|
687
|
-
PathElement.add_member(:index, Shapes::ShapeRef.new(shape: Integer, location_name: "index"
|
688
|
+
PathElement.add_member(:index, Shapes::ShapeRef.new(shape: Integer, location_name: "index"))
|
688
689
|
PathElement.add_member(:key, Shapes::ShapeRef.new(shape: String, location_name: "key"))
|
689
690
|
PathElement.add_member(:substring, Shapes::ShapeRef.new(shape: Substring, location_name: "substring"))
|
690
691
|
PathElement.add_member(:value, Shapes::ShapeRef.new(shape: String, location_name: "value"))
|
@@ -50,6 +50,9 @@ module Aws::AccessAnalyzer
|
|
50
50
|
|
51
51
|
def initialize(options = {})
|
52
52
|
self[:region] = options[:region]
|
53
|
+
if self[:region].nil?
|
54
|
+
raise ArgumentError, "Missing required EndpointParameter: :region"
|
55
|
+
end
|
53
56
|
self[:use_dual_stack] = options[:use_dual_stack]
|
54
57
|
self[:use_dual_stack] = false if self[:use_dual_stack].nil?
|
55
58
|
if self[:use_dual_stack].nil?
|
@@ -9,104 +9,43 @@
|
|
9
9
|
|
10
10
|
module Aws::AccessAnalyzer
|
11
11
|
class EndpointProvider
|
12
|
-
def
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
12
|
+
def resolve_endpoint(parameters)
|
13
|
+
region = parameters.region
|
14
|
+
use_dual_stack = parameters.use_dual_stack
|
15
|
+
use_fips = parameters.use_fips
|
16
|
+
endpoint = parameters.endpoint
|
17
|
+
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
18
|
+
if Aws::Endpoints::Matchers.set?(endpoint) && (url = Aws::Endpoints::Matchers.parse_url(endpoint))
|
19
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
20
|
+
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
21
|
+
end
|
22
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
23
|
+
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
24
|
+
end
|
25
|
+
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
26
|
+
end
|
27
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
28
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
29
|
+
return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
30
|
+
end
|
31
|
+
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
32
|
+
end
|
33
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
34
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
|
35
|
+
return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
36
|
+
end
|
37
|
+
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
38
|
+
end
|
39
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
40
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
41
|
+
return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
42
|
+
end
|
43
|
+
raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
|
44
|
+
end
|
45
|
+
return Aws::Endpoints::Endpoint.new(url: "https://access-analyzer.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
21
46
|
end
|
22
|
-
|
23
|
-
end
|
47
|
+
raise ArgumentError, 'No endpoint could be resolved'
|
24
48
|
|
25
|
-
def resolve_endpoint(parameters)
|
26
|
-
@provider.resolve_endpoint(parameters)
|
27
49
|
end
|
28
|
-
|
29
|
-
# @api private
|
30
|
-
RULES = <<-JSON
|
31
|
-
eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
|
32
|
-
bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1bWVu
|
33
|
-
dGF0aW9uIjoiVGhlIEFXUyByZWdpb24gdXNlZCB0byBkaXNwYXRjaCB0aGUg
|
34
|
-
cmVxdWVzdC4iLCJ0eXBlIjoiU3RyaW5nIn0sIlVzZUR1YWxTdGFjayI6eyJi
|
35
|
-
dWlsdEluIjoiQVdTOjpVc2VEdWFsU3RhY2siLCJyZXF1aXJlZCI6dHJ1ZSwi
|
36
|
-
ZGVmYXVsdCI6ZmFsc2UsImRvY3VtZW50YXRpb24iOiJXaGVuIHRydWUsIHVz
|
37
|
-
ZSB0aGUgZHVhbC1zdGFjayBlbmRwb2ludC4gSWYgdGhlIGNvbmZpZ3VyZWQg
|
38
|
-
ZW5kcG9pbnQgZG9lcyBub3Qgc3VwcG9ydCBkdWFsLXN0YWNrLCBkaXNwYXRj
|
39
|
-
aGluZyB0aGUgcmVxdWVzdCBNQVkgcmV0dXJuIGFuIGVycm9yLiIsInR5cGUi
|
40
|
-
OiJCb29sZWFuIn0sIlVzZUZJUFMiOnsiYnVpbHRJbiI6IkFXUzo6VXNlRklQ
|
41
|
-
UyIsInJlcXVpcmVkIjp0cnVlLCJkZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRh
|
42
|
-
dGlvbiI6IldoZW4gdHJ1ZSwgc2VuZCB0aGlzIHJlcXVlc3QgdG8gdGhlIEZJ
|
43
|
-
UFMtY29tcGxpYW50IHJlZ2lvbmFsIGVuZHBvaW50LiBJZiB0aGUgY29uZmln
|
44
|
-
dXJlZCBlbmRwb2ludCBkb2VzIG5vdCBoYXZlIGEgRklQUyBjb21wbGlhbnQg
|
45
|
-
ZW5kcG9pbnQsIGRpc3BhdGNoaW5nIHRoZSByZXF1ZXN0IHdpbGwgcmV0dXJu
|
46
|
-
IGFuIGVycm9yLiIsInR5cGUiOiJCb29sZWFuIn0sIkVuZHBvaW50Ijp7ImJ1
|
47
|
-
aWx0SW4iOiJTREs6OkVuZHBvaW50IiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1
|
48
|
-
bWVudGF0aW9uIjoiT3ZlcnJpZGUgdGhlIGVuZHBvaW50IHVzZWQgdG8gc2Vu
|
49
|
-
ZCB0aGlzIHJlcXVlc3QiLCJ0eXBlIjoiU3RyaW5nIn19LCJydWxlcyI6W3si
|
50
|
-
Y29uZGl0aW9ucyI6W3siZm4iOiJhd3MucGFydGl0aW9uIiwiYXJndiI6W3si
|
51
|
-
cmVmIjoiUmVnaW9uIn1dLCJhc3NpZ24iOiJQYXJ0aXRpb25SZXN1bHQifV0s
|
52
|
-
InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
|
53
|
-
aXNTZXQiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XX0seyJmbiI6InBh
|
54
|
-
cnNlVVJMIiwiYXJndiI6W3sicmVmIjoiRW5kcG9pbnQifV0sImFzc2lnbiI6
|
55
|
-
InVybCJ9XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6
|
56
|
-
W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQ
|
57
|
-
UyJ9LHRydWVdfV0sImVycm9yIjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBG
|
58
|
-
SVBTIGFuZCBjdXN0b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0
|
59
|
-
eXBlIjoiZXJyb3IifSx7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIs
|
60
|
-
InJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
|
61
|
-
LCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJlcnJv
|
62
|
-
ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRHVhbHN0YWNrIGFuZCBjdXN0
|
63
|
-
b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0eXBlIjoiZXJyb3Ii
|
64
|
-
fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOnsicmVmIjoi
|
65
|
-
RW5kcG9pbnQifSwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlw
|
66
|
-
ZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W3siZm4iOiJib29s
|
67
|
-
ZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRydWVdfSx7
|
68
|
-
ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxT
|
69
|
-
dGFjayJ9LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
|
70
|
-
dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsi
|
71
|
-
Zm4iOiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0
|
72
|
-
In0sInN1cHBvcnRzRklQUyJdfV19LHsiZm4iOiJib29sZWFuRXF1YWxzIiwi
|
73
|
-
YXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQ
|
74
|
-
YXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5
|
75
|
-
cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2lu
|
76
|
-
dCI6eyJ1cmwiOiJodHRwczovL2FjY2Vzcy1hbmFseXplci1maXBzLntSZWdp
|
77
|
-
b259LntQYXJ0aXRpb25SZXN1bHQjZHVhbFN0YWNrRG5zU3VmZml4fSIsInBy
|
78
|
-
b3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9
|
79
|
-
XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJGSVBTIGFuZCBEdWFsU3Rh
|
80
|
-
Y2sgYXJlIGVuYWJsZWQsIGJ1dCB0aGlzIHBhcnRpdGlvbiBkb2VzIG5vdCBz
|
81
|
-
dXBwb3J0IG9uZSBvciBib3RoIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRp
|
82
|
-
dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6
|
83
|
-
IlVzZUZJUFMifSx0cnVlXX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJj
|
84
|
-
b25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1
|
85
|
-
ZSx7ImZuIjoiZ2V0QXR0ciIsImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJl
|
86
|
-
c3VsdCJ9LCJzdXBwb3J0c0ZJUFMiXX1dfV0sInR5cGUiOiJ0cmVlIiwicnVs
|
87
|
-
ZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpb
|
88
|
-
eyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9h
|
89
|
-
Y2Nlc3MtYW5hbHl6ZXItZmlwcy57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0
|
90
|
-
I2Ruc1N1ZmZpeH0iLCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0
|
91
|
-
eXBlIjoiZW5kcG9pbnQifV19XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3Ii
|
92
|
-
OiJGSVBTIGlzIGVuYWJsZWQgYnV0IHRoaXMgcGFydGl0aW9uIGRvZXMgbm90
|
93
|
-
IHN1cHBvcnQgRklQUyIsInR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25z
|
94
|
-
IjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VE
|
95
|
-
dWFsU3RhY2sifSx0cnVlXX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJj
|
96
|
-
b25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1
|
97
|
-
ZSx7ImZuIjoiZ2V0QXR0ciIsImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJl
|
98
|
-
c3VsdCJ9LCJzdXBwb3J0c0R1YWxTdGFjayJdfV19XSwidHlwZSI6InRyZWUi
|
99
|
-
LCJydWxlcyI6W3siY29uZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6
|
100
|
-
Imh0dHBzOi8vYWNjZXNzLWFuYWx5emVyLntSZWdpb259LntQYXJ0aXRpb25S
|
101
|
-
ZXN1bHQjZHVhbFN0YWNrRG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJo
|
102
|
-
ZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRpb25z
|
103
|
-
IjpbXSwiZXJyb3IiOiJEdWFsU3RhY2sgaXMgZW5hYmxlZCBidXQgdGhpcyBw
|
104
|
-
YXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBEdWFsU3RhY2siLCJ0eXBlIjoi
|
105
|
-
ZXJyb3IifV19LHsiY29uZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6
|
106
|
-
Imh0dHBzOi8vYWNjZXNzLWFuYWx5emVyLntSZWdpb259LntQYXJ0aXRpb25S
|
107
|
-
ZXN1bHQjZG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7
|
108
|
-
fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1dfQ==
|
109
|
-
|
110
|
-
JSON
|
111
50
|
end
|
112
51
|
end
|
@@ -447,15 +447,6 @@ module Aws::AccessAnalyzer
|
|
447
447
|
|
448
448
|
# Retroactively applies an archive rule.
|
449
449
|
#
|
450
|
-
# @note When making an API call, you may pass ApplyArchiveRuleRequest
|
451
|
-
# data as a hash:
|
452
|
-
#
|
453
|
-
# {
|
454
|
-
# analyzer_arn: "AnalyzerArn", # required
|
455
|
-
# rule_name: "Name", # required
|
456
|
-
# client_token: "String",
|
457
|
-
# }
|
458
|
-
#
|
459
450
|
# @!attribute [rw] analyzer_arn
|
460
451
|
# The Amazon resource name (ARN) of the analyzer.
|
461
452
|
# @return [String]
|
@@ -510,13 +501,6 @@ module Aws::AccessAnalyzer
|
|
510
501
|
include Aws::Structure
|
511
502
|
end
|
512
503
|
|
513
|
-
# @note When making an API call, you may pass CancelPolicyGenerationRequest
|
514
|
-
# data as a hash:
|
515
|
-
#
|
516
|
-
# {
|
517
|
-
# job_id: "JobId", # required
|
518
|
-
# }
|
519
|
-
#
|
520
504
|
# @!attribute [rw] job_id
|
521
505
|
# The `JobId` that is returned by the `StartPolicyGeneration`
|
522
506
|
# operation. The `JobId` can be used with `GetGeneratedPolicy` to
|
@@ -538,22 +522,6 @@ module Aws::AccessAnalyzer
|
|
538
522
|
|
539
523
|
# Contains information about CloudTrail access.
|
540
524
|
#
|
541
|
-
# @note When making an API call, you may pass CloudTrailDetails
|
542
|
-
# data as a hash:
|
543
|
-
#
|
544
|
-
# {
|
545
|
-
# trails: [ # required
|
546
|
-
# {
|
547
|
-
# cloud_trail_arn: "CloudTrailArn", # required
|
548
|
-
# regions: ["String"],
|
549
|
-
# all_regions: false,
|
550
|
-
# },
|
551
|
-
# ],
|
552
|
-
# access_role: "RoleArn", # required
|
553
|
-
# start_time: Time.now, # required
|
554
|
-
# end_time: Time.now,
|
555
|
-
# }
|
556
|
-
#
|
557
525
|
# @!attribute [rw] trails
|
558
526
|
# A `Trail` object that contains settings for a trail.
|
559
527
|
# @return [Array<Types::Trail>]
|
@@ -727,111 +695,6 @@ module Aws::AccessAnalyzer
|
|
727
695
|
include Aws::Structure
|
728
696
|
end
|
729
697
|
|
730
|
-
# @note When making an API call, you may pass CreateAccessPreviewRequest
|
731
|
-
# data as a hash:
|
732
|
-
#
|
733
|
-
# {
|
734
|
-
# analyzer_arn: "AnalyzerArn", # required
|
735
|
-
# configurations: { # required
|
736
|
-
# "ConfigurationsMapKey" => {
|
737
|
-
# ebs_snapshot: {
|
738
|
-
# user_ids: ["EbsUserId"],
|
739
|
-
# groups: ["EbsGroup"],
|
740
|
-
# kms_key_id: "EbsSnapshotDataEncryptionKeyId",
|
741
|
-
# },
|
742
|
-
# ecr_repository: {
|
743
|
-
# repository_policy: "EcrRepositoryPolicy",
|
744
|
-
# },
|
745
|
-
# iam_role: {
|
746
|
-
# trust_policy: "IamTrustPolicy",
|
747
|
-
# },
|
748
|
-
# efs_file_system: {
|
749
|
-
# file_system_policy: "EfsFileSystemPolicy",
|
750
|
-
# },
|
751
|
-
# kms_key: {
|
752
|
-
# key_policies: {
|
753
|
-
# "PolicyName" => "KmsKeyPolicy",
|
754
|
-
# },
|
755
|
-
# grants: [
|
756
|
-
# {
|
757
|
-
# operations: ["CreateGrant"], # required, accepts CreateGrant, Decrypt, DescribeKey, Encrypt, GenerateDataKey, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GenerateDataKeyWithoutPlaintext, GetPublicKey, ReEncryptFrom, ReEncryptTo, RetireGrant, Sign, Verify
|
758
|
-
# grantee_principal: "GranteePrincipal", # required
|
759
|
-
# retiring_principal: "RetiringPrincipal",
|
760
|
-
# constraints: {
|
761
|
-
# encryption_context_equals: {
|
762
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
763
|
-
# },
|
764
|
-
# encryption_context_subset: {
|
765
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
766
|
-
# },
|
767
|
-
# },
|
768
|
-
# issuing_account: "IssuingAccount", # required
|
769
|
-
# },
|
770
|
-
# ],
|
771
|
-
# },
|
772
|
-
# rds_db_cluster_snapshot: {
|
773
|
-
# attributes: {
|
774
|
-
# "RdsDbClusterSnapshotAttributeName" => {
|
775
|
-
# account_ids: ["RdsDbClusterSnapshotAccountId"],
|
776
|
-
# },
|
777
|
-
# },
|
778
|
-
# kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
|
779
|
-
# },
|
780
|
-
# rds_db_snapshot: {
|
781
|
-
# attributes: {
|
782
|
-
# "RdsDbSnapshotAttributeName" => {
|
783
|
-
# account_ids: ["RdsDbSnapshotAccountId"],
|
784
|
-
# },
|
785
|
-
# },
|
786
|
-
# kms_key_id: "RdsDbSnapshotKmsKeyId",
|
787
|
-
# },
|
788
|
-
# secrets_manager_secret: {
|
789
|
-
# kms_key_id: "SecretsManagerSecretKmsId",
|
790
|
-
# secret_policy: "SecretsManagerSecretPolicy",
|
791
|
-
# },
|
792
|
-
# s3_bucket: {
|
793
|
-
# bucket_policy: "S3BucketPolicy",
|
794
|
-
# bucket_acl_grants: [
|
795
|
-
# {
|
796
|
-
# permission: "READ", # required, accepts READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL
|
797
|
-
# grantee: { # required
|
798
|
-
# id: "AclCanonicalId",
|
799
|
-
# uri: "AclUri",
|
800
|
-
# },
|
801
|
-
# },
|
802
|
-
# ],
|
803
|
-
# bucket_public_access_block: {
|
804
|
-
# ignore_public_acls: false, # required
|
805
|
-
# restrict_public_buckets: false, # required
|
806
|
-
# },
|
807
|
-
# access_points: {
|
808
|
-
# "AccessPointArn" => {
|
809
|
-
# access_point_policy: "AccessPointPolicy",
|
810
|
-
# public_access_block: {
|
811
|
-
# ignore_public_acls: false, # required
|
812
|
-
# restrict_public_buckets: false, # required
|
813
|
-
# },
|
814
|
-
# network_origin: {
|
815
|
-
# vpc_configuration: {
|
816
|
-
# vpc_id: "VpcId", # required
|
817
|
-
# },
|
818
|
-
# internet_configuration: {
|
819
|
-
# },
|
820
|
-
# },
|
821
|
-
# },
|
822
|
-
# },
|
823
|
-
# },
|
824
|
-
# sns_topic: {
|
825
|
-
# topic_policy: "SnsTopicPolicy",
|
826
|
-
# },
|
827
|
-
# sqs_queue: {
|
828
|
-
# queue_policy: "SqsQueuePolicy",
|
829
|
-
# },
|
830
|
-
# },
|
831
|
-
# },
|
832
|
-
# client_token: "String",
|
833
|
-
# }
|
834
|
-
#
|
835
698
|
# @!attribute [rw] analyzer_arn
|
836
699
|
# The [ARN of the account analyzer][1] used to generate the access
|
837
700
|
# preview. You can only create an access preview for analyzers with an
|
@@ -881,31 +744,6 @@ module Aws::AccessAnalyzer
|
|
881
744
|
|
882
745
|
# Creates an analyzer.
|
883
746
|
#
|
884
|
-
# @note When making an API call, you may pass CreateAnalyzerRequest
|
885
|
-
# data as a hash:
|
886
|
-
#
|
887
|
-
# {
|
888
|
-
# analyzer_name: "Name", # required
|
889
|
-
# type: "ACCOUNT", # required, accepts ACCOUNT, ORGANIZATION
|
890
|
-
# archive_rules: [
|
891
|
-
# {
|
892
|
-
# rule_name: "Name", # required
|
893
|
-
# filter: { # required
|
894
|
-
# "String" => {
|
895
|
-
# eq: ["String"],
|
896
|
-
# neq: ["String"],
|
897
|
-
# contains: ["String"],
|
898
|
-
# exists: false,
|
899
|
-
# },
|
900
|
-
# },
|
901
|
-
# },
|
902
|
-
# ],
|
903
|
-
# tags: {
|
904
|
-
# "String" => "String",
|
905
|
-
# },
|
906
|
-
# client_token: "String",
|
907
|
-
# }
|
908
|
-
#
|
909
747
|
# @!attribute [rw] analyzer_name
|
910
748
|
# The name of the analyzer to create.
|
911
749
|
# @return [String]
|
@@ -962,23 +800,6 @@ module Aws::AccessAnalyzer
|
|
962
800
|
|
963
801
|
# Creates an archive rule.
|
964
802
|
#
|
965
|
-
# @note When making an API call, you may pass CreateArchiveRuleRequest
|
966
|
-
# data as a hash:
|
967
|
-
#
|
968
|
-
# {
|
969
|
-
# analyzer_name: "Name", # required
|
970
|
-
# rule_name: "Name", # required
|
971
|
-
# filter: { # required
|
972
|
-
# "String" => {
|
973
|
-
# eq: ["String"],
|
974
|
-
# neq: ["String"],
|
975
|
-
# contains: ["String"],
|
976
|
-
# exists: false,
|
977
|
-
# },
|
978
|
-
# },
|
979
|
-
# client_token: "String",
|
980
|
-
# }
|
981
|
-
#
|
982
803
|
# @!attribute [rw] analyzer_name
|
983
804
|
# The name of the created analyzer.
|
984
805
|
# @return [String]
|
@@ -1009,17 +830,13 @@ module Aws::AccessAnalyzer
|
|
1009
830
|
include Aws::Structure
|
1010
831
|
end
|
1011
832
|
|
1012
|
-
# The criteria to use in the filter that defines the archive rule.
|
833
|
+
# The criteria to use in the filter that defines the archive rule. For
|
834
|
+
# more information on available filter keys, see [IAM Access Analyzer
|
835
|
+
# filter keys][1].
|
836
|
+
#
|
1013
837
|
#
|
1014
|
-
# @note When making an API call, you may pass Criterion
|
1015
|
-
# data as a hash:
|
1016
838
|
#
|
1017
|
-
#
|
1018
|
-
# eq: ["String"],
|
1019
|
-
# neq: ["String"],
|
1020
|
-
# contains: ["String"],
|
1021
|
-
# exists: false,
|
1022
|
-
# }
|
839
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html
|
1023
840
|
#
|
1024
841
|
# @!attribute [rw] eq
|
1025
842
|
# An "equals" operator to match for the filter used to create the
|
@@ -1054,14 +871,6 @@ module Aws::AccessAnalyzer
|
|
1054
871
|
|
1055
872
|
# Deletes an analyzer.
|
1056
873
|
#
|
1057
|
-
# @note When making an API call, you may pass DeleteAnalyzerRequest
|
1058
|
-
# data as a hash:
|
1059
|
-
#
|
1060
|
-
# {
|
1061
|
-
# analyzer_name: "Name", # required
|
1062
|
-
# client_token: "String",
|
1063
|
-
# }
|
1064
|
-
#
|
1065
874
|
# @!attribute [rw] analyzer_name
|
1066
875
|
# The name of the analyzer to delete.
|
1067
876
|
# @return [String]
|
@@ -1084,15 +893,6 @@ module Aws::AccessAnalyzer
|
|
1084
893
|
|
1085
894
|
# Deletes an archive rule.
|
1086
895
|
#
|
1087
|
-
# @note When making an API call, you may pass DeleteArchiveRuleRequest
|
1088
|
-
# data as a hash:
|
1089
|
-
#
|
1090
|
-
# {
|
1091
|
-
# analyzer_name: "Name", # required
|
1092
|
-
# rule_name: "Name", # required
|
1093
|
-
# client_token: "String",
|
1094
|
-
# }
|
1095
|
-
#
|
1096
896
|
# @!attribute [rw] analyzer_name
|
1097
897
|
# The name of the analyzer that associated with the archive rule to
|
1098
898
|
# delete.
|
@@ -1129,15 +929,6 @@ module Aws::AccessAnalyzer
|
|
1129
929
|
#
|
1130
930
|
# [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html
|
1131
931
|
#
|
1132
|
-
# @note When making an API call, you may pass EbsSnapshotConfiguration
|
1133
|
-
# data as a hash:
|
1134
|
-
#
|
1135
|
-
# {
|
1136
|
-
# user_ids: ["EbsUserId"],
|
1137
|
-
# groups: ["EbsGroup"],
|
1138
|
-
# kms_key_id: "EbsSnapshotDataEncryptionKeyId",
|
1139
|
-
# }
|
1140
|
-
#
|
1141
932
|
# @!attribute [rw] user_ids
|
1142
933
|
# The IDs of the Amazon Web Services accounts that have access to the
|
1143
934
|
# Amazon EBS volume snapshot.
|
@@ -1217,13 +1008,6 @@ module Aws::AccessAnalyzer
|
|
1217
1008
|
#
|
1218
1009
|
# [1]: https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_Repository.html
|
1219
1010
|
#
|
1220
|
-
# @note When making an API call, you may pass EcrRepositoryConfiguration
|
1221
|
-
# data as a hash:
|
1222
|
-
#
|
1223
|
-
# {
|
1224
|
-
# repository_policy: "EcrRepositoryPolicy",
|
1225
|
-
# }
|
1226
|
-
#
|
1227
1011
|
# @!attribute [rw] repository_policy
|
1228
1012
|
# The JSON repository policy text to apply to the Amazon ECR
|
1229
1013
|
# repository. For more information, see [Private repository policy
|
@@ -1263,13 +1047,6 @@ module Aws::AccessAnalyzer
|
|
1263
1047
|
#
|
1264
1048
|
# [1]: https://docs.aws.amazon.com/efs/latest/ug/using-fs.html
|
1265
1049
|
#
|
1266
|
-
# @note When making an API call, you may pass EfsFileSystemConfiguration
|
1267
|
-
# data as a hash:
|
1268
|
-
#
|
1269
|
-
# {
|
1270
|
-
# file_system_policy: "EfsFileSystemPolicy",
|
1271
|
-
# }
|
1272
|
-
#
|
1273
1050
|
# @!attribute [rw] file_system_policy
|
1274
1051
|
# The JSON policy definition to apply to the Amazon EFS file system.
|
1275
1052
|
# For more information on the elements that make up a file system
|
@@ -1404,10 +1181,16 @@ module Aws::AccessAnalyzer
|
|
1404
1181
|
# multi-region access point.
|
1405
1182
|
# @return [String]
|
1406
1183
|
#
|
1184
|
+
# @!attribute [rw] access_point_account
|
1185
|
+
# The account of the cross-account access point that generated the
|
1186
|
+
# finding.
|
1187
|
+
# @return [String]
|
1188
|
+
#
|
1407
1189
|
# @see http://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/FindingSourceDetail AWS API Documentation
|
1408
1190
|
#
|
1409
1191
|
class FindingSourceDetail < Struct.new(
|
1410
|
-
:access_point_arn
|
1192
|
+
:access_point_arn,
|
1193
|
+
:access_point_account)
|
1411
1194
|
SENSITIVE = []
|
1412
1195
|
include Aws::Structure
|
1413
1196
|
end
|
@@ -1569,14 +1352,6 @@ module Aws::AccessAnalyzer
|
|
1569
1352
|
include Aws::Structure
|
1570
1353
|
end
|
1571
1354
|
|
1572
|
-
# @note When making an API call, you may pass GetAccessPreviewRequest
|
1573
|
-
# data as a hash:
|
1574
|
-
#
|
1575
|
-
# {
|
1576
|
-
# access_preview_id: "AccessPreviewId", # required
|
1577
|
-
# analyzer_arn: "AnalyzerArn", # required
|
1578
|
-
# }
|
1579
|
-
#
|
1580
1355
|
# @!attribute [rw] access_preview_id
|
1581
1356
|
# The unique ID for the access preview.
|
1582
1357
|
# @return [String]
|
@@ -1612,14 +1387,6 @@ module Aws::AccessAnalyzer
|
|
1612
1387
|
|
1613
1388
|
# Retrieves an analyzed resource.
|
1614
1389
|
#
|
1615
|
-
# @note When making an API call, you may pass GetAnalyzedResourceRequest
|
1616
|
-
# data as a hash:
|
1617
|
-
#
|
1618
|
-
# {
|
1619
|
-
# analyzer_arn: "AnalyzerArn", # required
|
1620
|
-
# resource_arn: "ResourceArn", # required
|
1621
|
-
# }
|
1622
|
-
#
|
1623
1390
|
# @!attribute [rw] analyzer_arn
|
1624
1391
|
# The [ARN of the analyzer][1] to retrieve information from.
|
1625
1392
|
#
|
@@ -1658,13 +1425,6 @@ module Aws::AccessAnalyzer
|
|
1658
1425
|
|
1659
1426
|
# Retrieves an analyzer.
|
1660
1427
|
#
|
1661
|
-
# @note When making an API call, you may pass GetAnalyzerRequest
|
1662
|
-
# data as a hash:
|
1663
|
-
#
|
1664
|
-
# {
|
1665
|
-
# analyzer_name: "Name", # required
|
1666
|
-
# }
|
1667
|
-
#
|
1668
1428
|
# @!attribute [rw] analyzer_name
|
1669
1429
|
# The name of the analyzer retrieved.
|
1670
1430
|
# @return [String]
|
@@ -1694,14 +1454,6 @@ module Aws::AccessAnalyzer
|
|
1694
1454
|
|
1695
1455
|
# Retrieves an archive rule.
|
1696
1456
|
#
|
1697
|
-
# @note When making an API call, you may pass GetArchiveRuleRequest
|
1698
|
-
# data as a hash:
|
1699
|
-
#
|
1700
|
-
# {
|
1701
|
-
# analyzer_name: "Name", # required
|
1702
|
-
# rule_name: "Name", # required
|
1703
|
-
# }
|
1704
|
-
#
|
1705
1457
|
# @!attribute [rw] analyzer_name
|
1706
1458
|
# The name of the analyzer to retrieve rules from.
|
1707
1459
|
# @return [String]
|
@@ -1735,14 +1487,6 @@ module Aws::AccessAnalyzer
|
|
1735
1487
|
|
1736
1488
|
# Retrieves a finding.
|
1737
1489
|
#
|
1738
|
-
# @note When making an API call, you may pass GetFindingRequest
|
1739
|
-
# data as a hash:
|
1740
|
-
#
|
1741
|
-
# {
|
1742
|
-
# analyzer_arn: "AnalyzerArn", # required
|
1743
|
-
# id: "FindingId", # required
|
1744
|
-
# }
|
1745
|
-
#
|
1746
1490
|
# @!attribute [rw] analyzer_arn
|
1747
1491
|
# The [ARN of the analyzer][1] that generated the finding.
|
1748
1492
|
#
|
@@ -1778,15 +1522,6 @@ module Aws::AccessAnalyzer
|
|
1778
1522
|
include Aws::Structure
|
1779
1523
|
end
|
1780
1524
|
|
1781
|
-
# @note When making an API call, you may pass GetGeneratedPolicyRequest
|
1782
|
-
# data as a hash:
|
1783
|
-
#
|
1784
|
-
# {
|
1785
|
-
# job_id: "JobId", # required
|
1786
|
-
# include_resource_placeholders: false,
|
1787
|
-
# include_service_level_template: false,
|
1788
|
-
# }
|
1789
|
-
#
|
1790
1525
|
# @!attribute [rw] job_id
|
1791
1526
|
# The `JobId` that is returned by the `StartPolicyGeneration`
|
1792
1527
|
# operation. The `JobId` can be used with `GetGeneratedPolicy` to
|
@@ -1856,13 +1591,6 @@ module Aws::AccessAnalyzer
|
|
1856
1591
|
#
|
1857
1592
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html
|
1858
1593
|
#
|
1859
|
-
# @note When making an API call, you may pass IamRoleConfiguration
|
1860
|
-
# data as a hash:
|
1861
|
-
#
|
1862
|
-
# {
|
1863
|
-
# trust_policy: "IamTrustPolicy",
|
1864
|
-
# }
|
1865
|
-
#
|
1866
1594
|
# @!attribute [rw] trust_policy
|
1867
1595
|
# The proposed trust policy for the IAM role.
|
1868
1596
|
# @return [String]
|
@@ -1878,21 +1606,6 @@ module Aws::AccessAnalyzer
|
|
1878
1606
|
# An criterion statement in an archive rule. Each archive rule may have
|
1879
1607
|
# multiple criteria.
|
1880
1608
|
#
|
1881
|
-
# @note When making an API call, you may pass InlineArchiveRule
|
1882
|
-
# data as a hash:
|
1883
|
-
#
|
1884
|
-
# {
|
1885
|
-
# rule_name: "Name", # required
|
1886
|
-
# filter: { # required
|
1887
|
-
# "String" => {
|
1888
|
-
# eq: ["String"],
|
1889
|
-
# neq: ["String"],
|
1890
|
-
# contains: ["String"],
|
1891
|
-
# exists: false,
|
1892
|
-
# },
|
1893
|
-
# },
|
1894
|
-
# }
|
1895
|
-
#
|
1896
1609
|
# @!attribute [rw] rule_name
|
1897
1610
|
# The name of the rule.
|
1898
1611
|
# @return [String]
|
@@ -2001,24 +1714,6 @@ module Aws::AccessAnalyzer
|
|
2001
1714
|
#
|
2002
1715
|
# [1]: https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateGrant.html
|
2003
1716
|
#
|
2004
|
-
# @note When making an API call, you may pass KmsGrantConfiguration
|
2005
|
-
# data as a hash:
|
2006
|
-
#
|
2007
|
-
# {
|
2008
|
-
# operations: ["CreateGrant"], # required, accepts CreateGrant, Decrypt, DescribeKey, Encrypt, GenerateDataKey, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GenerateDataKeyWithoutPlaintext, GetPublicKey, ReEncryptFrom, ReEncryptTo, RetireGrant, Sign, Verify
|
2009
|
-
# grantee_principal: "GranteePrincipal", # required
|
2010
|
-
# retiring_principal: "RetiringPrincipal",
|
2011
|
-
# constraints: {
|
2012
|
-
# encryption_context_equals: {
|
2013
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
2014
|
-
# },
|
2015
|
-
# encryption_context_subset: {
|
2016
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
2017
|
-
# },
|
2018
|
-
# },
|
2019
|
-
# issuing_account: "IssuingAccount", # required
|
2020
|
-
# }
|
2021
|
-
#
|
2022
1717
|
# @!attribute [rw] operations
|
2023
1718
|
# A list of operations that the grant permits.
|
2024
1719
|
# @return [Array<String>]
|
@@ -2078,18 +1773,6 @@ module Aws::AccessAnalyzer
|
|
2078
1773
|
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
|
2079
1774
|
# [3]: https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html
|
2080
1775
|
#
|
2081
|
-
# @note When making an API call, you may pass KmsGrantConstraints
|
2082
|
-
# data as a hash:
|
2083
|
-
#
|
2084
|
-
# {
|
2085
|
-
# encryption_context_equals: {
|
2086
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
2087
|
-
# },
|
2088
|
-
# encryption_context_subset: {
|
2089
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
2090
|
-
# },
|
2091
|
-
# }
|
2092
|
-
#
|
2093
1776
|
# @!attribute [rw] encryption_context_equals
|
2094
1777
|
# A list of key-value pairs that must match the encryption context in
|
2095
1778
|
# the [cryptographic operation][1] request. The grant allows the
|
@@ -2140,31 +1823,6 @@ module Aws::AccessAnalyzer
|
|
2140
1823
|
# [1]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default
|
2141
1824
|
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html
|
2142
1825
|
#
|
2143
|
-
# @note When making an API call, you may pass KmsKeyConfiguration
|
2144
|
-
# data as a hash:
|
2145
|
-
#
|
2146
|
-
# {
|
2147
|
-
# key_policies: {
|
2148
|
-
# "PolicyName" => "KmsKeyPolicy",
|
2149
|
-
# },
|
2150
|
-
# grants: [
|
2151
|
-
# {
|
2152
|
-
# operations: ["CreateGrant"], # required, accepts CreateGrant, Decrypt, DescribeKey, Encrypt, GenerateDataKey, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GenerateDataKeyWithoutPlaintext, GetPublicKey, ReEncryptFrom, ReEncryptTo, RetireGrant, Sign, Verify
|
2153
|
-
# grantee_principal: "GranteePrincipal", # required
|
2154
|
-
# retiring_principal: "RetiringPrincipal",
|
2155
|
-
# constraints: {
|
2156
|
-
# encryption_context_equals: {
|
2157
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
2158
|
-
# },
|
2159
|
-
# encryption_context_subset: {
|
2160
|
-
# "KmsConstraintsKey" => "KmsConstraintsValue",
|
2161
|
-
# },
|
2162
|
-
# },
|
2163
|
-
# issuing_account: "IssuingAccount", # required
|
2164
|
-
# },
|
2165
|
-
# ],
|
2166
|
-
# }
|
2167
|
-
#
|
2168
1826
|
# @!attribute [rw] key_policies
|
2169
1827
|
# Resource policy configuration for the KMS key. The only valid value
|
2170
1828
|
# for the name of the key policy is `default`. For more information,
|
@@ -2192,24 +1850,6 @@ module Aws::AccessAnalyzer
|
|
2192
1850
|
include Aws::Structure
|
2193
1851
|
end
|
2194
1852
|
|
2195
|
-
# @note When making an API call, you may pass ListAccessPreviewFindingsRequest
|
2196
|
-
# data as a hash:
|
2197
|
-
#
|
2198
|
-
# {
|
2199
|
-
# access_preview_id: "AccessPreviewId", # required
|
2200
|
-
# analyzer_arn: "AnalyzerArn", # required
|
2201
|
-
# filter: {
|
2202
|
-
# "String" => {
|
2203
|
-
# eq: ["String"],
|
2204
|
-
# neq: ["String"],
|
2205
|
-
# contains: ["String"],
|
2206
|
-
# exists: false,
|
2207
|
-
# },
|
2208
|
-
# },
|
2209
|
-
# next_token: "Token",
|
2210
|
-
# max_results: 1,
|
2211
|
-
# }
|
2212
|
-
#
|
2213
1853
|
# @!attribute [rw] access_preview_id
|
2214
1854
|
# The unique ID for the access preview.
|
2215
1855
|
# @return [String]
|
@@ -2264,15 +1904,6 @@ module Aws::AccessAnalyzer
|
|
2264
1904
|
include Aws::Structure
|
2265
1905
|
end
|
2266
1906
|
|
2267
|
-
# @note When making an API call, you may pass ListAccessPreviewsRequest
|
2268
|
-
# data as a hash:
|
2269
|
-
#
|
2270
|
-
# {
|
2271
|
-
# analyzer_arn: "AnalyzerArn", # required
|
2272
|
-
# next_token: "Token",
|
2273
|
-
# max_results: 1,
|
2274
|
-
# }
|
2275
|
-
#
|
2276
1907
|
# @!attribute [rw] analyzer_arn
|
2277
1908
|
# The [ARN of the analyzer][1] used to generate the access preview.
|
2278
1909
|
#
|
@@ -2318,16 +1949,6 @@ module Aws::AccessAnalyzer
|
|
2318
1949
|
|
2319
1950
|
# Retrieves a list of resources that have been analyzed.
|
2320
1951
|
#
|
2321
|
-
# @note When making an API call, you may pass ListAnalyzedResourcesRequest
|
2322
|
-
# data as a hash:
|
2323
|
-
#
|
2324
|
-
# {
|
2325
|
-
# analyzer_arn: "AnalyzerArn", # required
|
2326
|
-
# resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::IAM::Role, AWS::SQS::Queue, AWS::Lambda::Function, AWS::Lambda::LayerVersion, AWS::KMS::Key, AWS::SecretsManager::Secret, AWS::EFS::FileSystem, AWS::EC2::Snapshot, AWS::ECR::Repository, AWS::RDS::DBSnapshot, AWS::RDS::DBClusterSnapshot, AWS::SNS::Topic
|
2327
|
-
# next_token: "Token",
|
2328
|
-
# max_results: 1,
|
2329
|
-
# }
|
2330
|
-
#
|
2331
1952
|
# @!attribute [rw] analyzer_arn
|
2332
1953
|
# The [ARN of the analyzer][1] to retrieve a list of analyzed
|
2333
1954
|
# resources from.
|
@@ -2381,15 +2002,6 @@ module Aws::AccessAnalyzer
|
|
2381
2002
|
|
2382
2003
|
# Retrieves a list of analyzers.
|
2383
2004
|
#
|
2384
|
-
# @note When making an API call, you may pass ListAnalyzersRequest
|
2385
|
-
# data as a hash:
|
2386
|
-
#
|
2387
|
-
# {
|
2388
|
-
# next_token: "Token",
|
2389
|
-
# max_results: 1,
|
2390
|
-
# type: "ACCOUNT", # accepts ACCOUNT, ORGANIZATION
|
2391
|
-
# }
|
2392
|
-
#
|
2393
2005
|
# @!attribute [rw] next_token
|
2394
2006
|
# A token used for pagination of results returned.
|
2395
2007
|
# @return [String]
|
@@ -2433,15 +2045,6 @@ module Aws::AccessAnalyzer
|
|
2433
2045
|
|
2434
2046
|
# Retrieves a list of archive rules created for the specified analyzer.
|
2435
2047
|
#
|
2436
|
-
# @note When making an API call, you may pass ListArchiveRulesRequest
|
2437
|
-
# data as a hash:
|
2438
|
-
#
|
2439
|
-
# {
|
2440
|
-
# analyzer_name: "Name", # required
|
2441
|
-
# next_token: "Token",
|
2442
|
-
# max_results: 1,
|
2443
|
-
# }
|
2444
|
-
#
|
2445
2048
|
# @!attribute [rw] analyzer_name
|
2446
2049
|
# The name of the analyzer to retrieve rules from.
|
2447
2050
|
# @return [String]
|
@@ -2485,27 +2088,6 @@ module Aws::AccessAnalyzer
|
|
2485
2088
|
|
2486
2089
|
# Retrieves a list of findings generated by the specified analyzer.
|
2487
2090
|
#
|
2488
|
-
# @note When making an API call, you may pass ListFindingsRequest
|
2489
|
-
# data as a hash:
|
2490
|
-
#
|
2491
|
-
# {
|
2492
|
-
# analyzer_arn: "AnalyzerArn", # required
|
2493
|
-
# filter: {
|
2494
|
-
# "String" => {
|
2495
|
-
# eq: ["String"],
|
2496
|
-
# neq: ["String"],
|
2497
|
-
# contains: ["String"],
|
2498
|
-
# exists: false,
|
2499
|
-
# },
|
2500
|
-
# },
|
2501
|
-
# sort: {
|
2502
|
-
# attribute_name: "String",
|
2503
|
-
# order_by: "ASC", # accepts ASC, DESC
|
2504
|
-
# },
|
2505
|
-
# next_token: "Token",
|
2506
|
-
# max_results: 1,
|
2507
|
-
# }
|
2508
|
-
#
|
2509
2091
|
# @!attribute [rw] analyzer_arn
|
2510
2092
|
# The [ARN of the analyzer][1] to retrieve findings from.
|
2511
2093
|
#
|
@@ -2562,15 +2144,6 @@ module Aws::AccessAnalyzer
|
|
2562
2144
|
include Aws::Structure
|
2563
2145
|
end
|
2564
2146
|
|
2565
|
-
# @note When making an API call, you may pass ListPolicyGenerationsRequest
|
2566
|
-
# data as a hash:
|
2567
|
-
#
|
2568
|
-
# {
|
2569
|
-
# principal_arn: "PrincipalArn",
|
2570
|
-
# max_results: 1,
|
2571
|
-
# next_token: "Token",
|
2572
|
-
# }
|
2573
|
-
#
|
2574
2147
|
# @!attribute [rw] principal_arn
|
2575
2148
|
# The ARN of the IAM entity (user or role) for which you are
|
2576
2149
|
# generating a policy. Use this with `ListGeneratedPolicies` to filter
|
@@ -2615,13 +2188,6 @@ module Aws::AccessAnalyzer
|
|
2615
2188
|
|
2616
2189
|
# Retrieves a list of tags applied to the specified resource.
|
2617
2190
|
#
|
2618
|
-
# @note When making an API call, you may pass ListTagsForResourceRequest
|
2619
|
-
# data as a hash:
|
2620
|
-
#
|
2621
|
-
# {
|
2622
|
-
# resource_arn: "String", # required
|
2623
|
-
# }
|
2624
|
-
#
|
2625
2191
|
# @!attribute [rw] resource_arn
|
2626
2192
|
# The ARN of the resource to retrieve tags from.
|
2627
2193
|
# @return [String]
|
@@ -2796,13 +2362,6 @@ module Aws::AccessAnalyzer
|
|
2796
2362
|
# Contains the ARN details about the IAM entity for which the policy is
|
2797
2363
|
# generated.
|
2798
2364
|
#
|
2799
|
-
# @note When making an API call, you may pass PolicyGenerationDetails
|
2800
|
-
# data as a hash:
|
2801
|
-
#
|
2802
|
-
# {
|
2803
|
-
# principal_arn: "PrincipalArn", # required
|
2804
|
-
# }
|
2805
|
-
#
|
2806
2365
|
# @!attribute [rw] principal_arn
|
2807
2366
|
# The ARN of the IAM entity (user or role) for which you are
|
2808
2367
|
# generating a policy.
|
@@ -2892,18 +2451,6 @@ module Aws::AccessAnalyzer
|
|
2892
2451
|
#
|
2893
2452
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html
|
2894
2453
|
#
|
2895
|
-
# @note When making an API call, you may pass RdsDbClusterSnapshotConfiguration
|
2896
|
-
# data as a hash:
|
2897
|
-
#
|
2898
|
-
# {
|
2899
|
-
# attributes: {
|
2900
|
-
# "RdsDbClusterSnapshotAttributeName" => {
|
2901
|
-
# account_ids: ["RdsDbClusterSnapshotAccountId"],
|
2902
|
-
# },
|
2903
|
-
# },
|
2904
|
-
# kms_key_id: "RdsDbClusterSnapshotKmsKeyId",
|
2905
|
-
# }
|
2906
|
-
#
|
2907
2454
|
# @!attribute [rw] attributes
|
2908
2455
|
# The names and values of manual DB cluster snapshot attributes.
|
2909
2456
|
# Manual DB cluster snapshot attributes are used to authorize other
|
@@ -2988,18 +2535,6 @@ module Aws::AccessAnalyzer
|
|
2988
2535
|
#
|
2989
2536
|
# [1]: https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html
|
2990
2537
|
#
|
2991
|
-
# @note When making an API call, you may pass RdsDbSnapshotConfiguration
|
2992
|
-
# data as a hash:
|
2993
|
-
#
|
2994
|
-
# {
|
2995
|
-
# attributes: {
|
2996
|
-
# "RdsDbSnapshotAttributeName" => {
|
2997
|
-
# account_ids: ["RdsDbSnapshotAccountId"],
|
2998
|
-
# },
|
2999
|
-
# },
|
3000
|
-
# kms_key_id: "RdsDbSnapshotKmsKeyId",
|
3001
|
-
# }
|
3002
|
-
#
|
3003
2538
|
# @!attribute [rw] attributes
|
3004
2539
|
# The names and values of manual DB snapshot attributes. Manual DB
|
3005
2540
|
# snapshot attributes are used to authorize other Amazon Web Services
|
@@ -3070,24 +2605,6 @@ module Aws::AccessAnalyzer
|
|
3070
2605
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html
|
3071
2606
|
# [2]: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points-restrictions-limitations.html
|
3072
2607
|
#
|
3073
|
-
# @note When making an API call, you may pass S3AccessPointConfiguration
|
3074
|
-
# data as a hash:
|
3075
|
-
#
|
3076
|
-
# {
|
3077
|
-
# access_point_policy: "AccessPointPolicy",
|
3078
|
-
# public_access_block: {
|
3079
|
-
# ignore_public_acls: false, # required
|
3080
|
-
# restrict_public_buckets: false, # required
|
3081
|
-
# },
|
3082
|
-
# network_origin: {
|
3083
|
-
# vpc_configuration: {
|
3084
|
-
# vpc_id: "VpcId", # required
|
3085
|
-
# },
|
3086
|
-
# internet_configuration: {
|
3087
|
-
# },
|
3088
|
-
# },
|
3089
|
-
# }
|
3090
|
-
#
|
3091
2608
|
# @!attribute [rw] access_point_policy
|
3092
2609
|
# The access point or multi-region access point policy.
|
3093
2610
|
# @return [String]
|
@@ -3124,17 +2641,6 @@ module Aws::AccessAnalyzer
|
|
3124
2641
|
#
|
3125
2642
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#setting-acls
|
3126
2643
|
#
|
3127
|
-
# @note When making an API call, you may pass S3BucketAclGrantConfiguration
|
3128
|
-
# data as a hash:
|
3129
|
-
#
|
3130
|
-
# {
|
3131
|
-
# permission: "READ", # required, accepts READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL
|
3132
|
-
# grantee: { # required
|
3133
|
-
# id: "AclCanonicalId",
|
3134
|
-
# uri: "AclUri",
|
3135
|
-
# },
|
3136
|
-
# }
|
3137
|
-
#
|
3138
2644
|
# @!attribute [rw] permission
|
3139
2645
|
# The permissions being granted.
|
3140
2646
|
# @return [String]
|
@@ -3170,42 +2676,6 @@ module Aws::AccessAnalyzer
|
|
3170
2676
|
#
|
3171
2677
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html
|
3172
2678
|
#
|
3173
|
-
# @note When making an API call, you may pass S3BucketConfiguration
|
3174
|
-
# data as a hash:
|
3175
|
-
#
|
3176
|
-
# {
|
3177
|
-
# bucket_policy: "S3BucketPolicy",
|
3178
|
-
# bucket_acl_grants: [
|
3179
|
-
# {
|
3180
|
-
# permission: "READ", # required, accepts READ, WRITE, READ_ACP, WRITE_ACP, FULL_CONTROL
|
3181
|
-
# grantee: { # required
|
3182
|
-
# id: "AclCanonicalId",
|
3183
|
-
# uri: "AclUri",
|
3184
|
-
# },
|
3185
|
-
# },
|
3186
|
-
# ],
|
3187
|
-
# bucket_public_access_block: {
|
3188
|
-
# ignore_public_acls: false, # required
|
3189
|
-
# restrict_public_buckets: false, # required
|
3190
|
-
# },
|
3191
|
-
# access_points: {
|
3192
|
-
# "AccessPointArn" => {
|
3193
|
-
# access_point_policy: "AccessPointPolicy",
|
3194
|
-
# public_access_block: {
|
3195
|
-
# ignore_public_acls: false, # required
|
3196
|
-
# restrict_public_buckets: false, # required
|
3197
|
-
# },
|
3198
|
-
# network_origin: {
|
3199
|
-
# vpc_configuration: {
|
3200
|
-
# vpc_id: "VpcId", # required
|
3201
|
-
# },
|
3202
|
-
# internet_configuration: {
|
3203
|
-
# },
|
3204
|
-
# },
|
3205
|
-
# },
|
3206
|
-
# },
|
3207
|
-
# }
|
3208
|
-
#
|
3209
2679
|
# @!attribute [rw] bucket_policy
|
3210
2680
|
# The proposed bucket policy for the Amazon S3 bucket.
|
3211
2681
|
# @return [String]
|
@@ -3255,14 +2725,6 @@ module Aws::AccessAnalyzer
|
|
3255
2725
|
#
|
3256
2726
|
# [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html
|
3257
2727
|
#
|
3258
|
-
# @note When making an API call, you may pass S3PublicAccessBlockConfiguration
|
3259
|
-
# data as a hash:
|
3260
|
-
#
|
3261
|
-
# {
|
3262
|
-
# ignore_public_acls: false, # required
|
3263
|
-
# restrict_public_buckets: false, # required
|
3264
|
-
# }
|
3265
|
-
#
|
3266
2728
|
# @!attribute [rw] ignore_public_acls
|
3267
2729
|
# Specifies whether Amazon S3 should ignore public ACLs for this
|
3268
2730
|
# bucket and objects in this bucket.
|
@@ -3305,14 +2767,6 @@ module Aws::AccessAnalyzer
|
|
3305
2767
|
# [1]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html
|
3306
2768
|
# [2]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html
|
3307
2769
|
#
|
3308
|
-
# @note When making an API call, you may pass SecretsManagerSecretConfiguration
|
3309
|
-
# data as a hash:
|
3310
|
-
#
|
3311
|
-
# {
|
3312
|
-
# kms_key_id: "SecretsManagerSecretKmsId",
|
3313
|
-
# secret_policy: "SecretsManagerSecretPolicy",
|
3314
|
-
# }
|
3315
|
-
#
|
3316
2770
|
# @!attribute [rw] kms_key_id
|
3317
2771
|
# The proposed ARN, key ID, or alias of the KMS key.
|
3318
2772
|
# @return [String]
|
@@ -3370,13 +2824,6 @@ module Aws::AccessAnalyzer
|
|
3370
2824
|
#
|
3371
2825
|
# [1]: https://docs.aws.amazon.com/sns/latest/api/API_Topic.html
|
3372
2826
|
#
|
3373
|
-
# @note When making an API call, you may pass SnsTopicConfiguration
|
3374
|
-
# data as a hash:
|
3375
|
-
#
|
3376
|
-
# {
|
3377
|
-
# topic_policy: "SnsTopicPolicy",
|
3378
|
-
# }
|
3379
|
-
#
|
3380
2827
|
# @!attribute [rw] topic_policy
|
3381
2828
|
# The JSON policy text that defines who can access an Amazon SNS
|
3382
2829
|
# topic. For more information, see [Example cases for Amazon SNS
|
@@ -3397,14 +2844,6 @@ module Aws::AccessAnalyzer
|
|
3397
2844
|
|
3398
2845
|
# The criteria used to sort.
|
3399
2846
|
#
|
3400
|
-
# @note When making an API call, you may pass SortCriteria
|
3401
|
-
# data as a hash:
|
3402
|
-
#
|
3403
|
-
# {
|
3404
|
-
# attribute_name: "String",
|
3405
|
-
# order_by: "ASC", # accepts ASC, DESC
|
3406
|
-
# }
|
3407
|
-
#
|
3408
2847
|
# @!attribute [rw] attribute_name
|
3409
2848
|
# The name of the attribute to sort on.
|
3410
2849
|
# @return [String]
|
@@ -3458,13 +2897,6 @@ module Aws::AccessAnalyzer
|
|
3458
2897
|
#
|
3459
2898
|
# [1]: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-policies.html
|
3460
2899
|
#
|
3461
|
-
# @note When making an API call, you may pass SqsQueueConfiguration
|
3462
|
-
# data as a hash:
|
3463
|
-
#
|
3464
|
-
# {
|
3465
|
-
# queue_policy: "SqsQueuePolicy",
|
3466
|
-
# }
|
3467
|
-
#
|
3468
2900
|
# @!attribute [rw] queue_policy
|
3469
2901
|
# The proposed resource policy for the Amazon SQS queue.
|
3470
2902
|
# @return [String]
|
@@ -3477,28 +2909,6 @@ module Aws::AccessAnalyzer
|
|
3477
2909
|
include Aws::Structure
|
3478
2910
|
end
|
3479
2911
|
|
3480
|
-
# @note When making an API call, you may pass StartPolicyGenerationRequest
|
3481
|
-
# data as a hash:
|
3482
|
-
#
|
3483
|
-
# {
|
3484
|
-
# policy_generation_details: { # required
|
3485
|
-
# principal_arn: "PrincipalArn", # required
|
3486
|
-
# },
|
3487
|
-
# cloud_trail_details: {
|
3488
|
-
# trails: [ # required
|
3489
|
-
# {
|
3490
|
-
# cloud_trail_arn: "CloudTrailArn", # required
|
3491
|
-
# regions: ["String"],
|
3492
|
-
# all_regions: false,
|
3493
|
-
# },
|
3494
|
-
# ],
|
3495
|
-
# access_role: "RoleArn", # required
|
3496
|
-
# start_time: Time.now, # required
|
3497
|
-
# end_time: Time.now,
|
3498
|
-
# },
|
3499
|
-
# client_token: "String",
|
3500
|
-
# }
|
3501
|
-
#
|
3502
2912
|
# @!attribute [rw] policy_generation_details
|
3503
2913
|
# Contains the ARN of the IAM entity (user or role) for which you are
|
3504
2914
|
# generating a policy.
|
@@ -3551,15 +2961,6 @@ module Aws::AccessAnalyzer
|
|
3551
2961
|
|
3552
2962
|
# Starts a scan of the policies applied to the specified resource.
|
3553
2963
|
#
|
3554
|
-
# @note When making an API call, you may pass StartResourceScanRequest
|
3555
|
-
# data as a hash:
|
3556
|
-
#
|
3557
|
-
# {
|
3558
|
-
# analyzer_arn: "AnalyzerArn", # required
|
3559
|
-
# resource_arn: "ResourceArn", # required
|
3560
|
-
# resource_owner_account: "String",
|
3561
|
-
# }
|
3562
|
-
#
|
3563
2964
|
# @!attribute [rw] analyzer_arn
|
3564
2965
|
# The [ARN of the analyzer][1] to use to scan the policies applied to
|
3565
2966
|
# the specified resource.
|
@@ -3628,16 +3029,6 @@ module Aws::AccessAnalyzer
|
|
3628
3029
|
|
3629
3030
|
# Adds a tag to the specified resource.
|
3630
3031
|
#
|
3631
|
-
# @note When making an API call, you may pass TagResourceRequest
|
3632
|
-
# data as a hash:
|
3633
|
-
#
|
3634
|
-
# {
|
3635
|
-
# resource_arn: "String", # required
|
3636
|
-
# tags: { # required
|
3637
|
-
# "String" => "String",
|
3638
|
-
# },
|
3639
|
-
# }
|
3640
|
-
#
|
3641
3032
|
# @!attribute [rw] resource_arn
|
3642
3033
|
# The ARN of the resource to add the tag to.
|
3643
3034
|
# @return [String]
|
@@ -3682,15 +3073,6 @@ module Aws::AccessAnalyzer
|
|
3682
3073
|
# Contains details about the CloudTrail trail being analyzed to generate
|
3683
3074
|
# a policy.
|
3684
3075
|
#
|
3685
|
-
# @note When making an API call, you may pass Trail
|
3686
|
-
# data as a hash:
|
3687
|
-
#
|
3688
|
-
# {
|
3689
|
-
# cloud_trail_arn: "CloudTrailArn", # required
|
3690
|
-
# regions: ["String"],
|
3691
|
-
# all_regions: false,
|
3692
|
-
# }
|
3693
|
-
#
|
3694
3076
|
# @!attribute [rw] cloud_trail_arn
|
3695
3077
|
# Specifies the ARN of the trail. The format of a trail ARN is
|
3696
3078
|
# `arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail`.
|
@@ -3748,14 +3130,6 @@ module Aws::AccessAnalyzer
|
|
3748
3130
|
|
3749
3131
|
# Removes a tag from the specified resource.
|
3750
3132
|
#
|
3751
|
-
# @note When making an API call, you may pass UntagResourceRequest
|
3752
|
-
# data as a hash:
|
3753
|
-
#
|
3754
|
-
# {
|
3755
|
-
# resource_arn: "String", # required
|
3756
|
-
# tag_keys: ["String"], # required
|
3757
|
-
# }
|
3758
|
-
#
|
3759
3133
|
# @!attribute [rw] resource_arn
|
3760
3134
|
# The ARN of the resource to remove the tag from.
|
3761
3135
|
# @return [String]
|
@@ -3781,23 +3155,6 @@ module Aws::AccessAnalyzer
|
|
3781
3155
|
|
3782
3156
|
# Updates the specified archive rule.
|
3783
3157
|
#
|
3784
|
-
# @note When making an API call, you may pass UpdateArchiveRuleRequest
|
3785
|
-
# data as a hash:
|
3786
|
-
#
|
3787
|
-
# {
|
3788
|
-
# analyzer_name: "Name", # required
|
3789
|
-
# rule_name: "Name", # required
|
3790
|
-
# filter: { # required
|
3791
|
-
# "String" => {
|
3792
|
-
# eq: ["String"],
|
3793
|
-
# neq: ["String"],
|
3794
|
-
# contains: ["String"],
|
3795
|
-
# exists: false,
|
3796
|
-
# },
|
3797
|
-
# },
|
3798
|
-
# client_token: "String",
|
3799
|
-
# }
|
3800
|
-
#
|
3801
3158
|
# @!attribute [rw] analyzer_name
|
3802
3159
|
# The name of the analyzer to update the archive rules for.
|
3803
3160
|
# @return [String]
|
@@ -3831,17 +3188,6 @@ module Aws::AccessAnalyzer
|
|
3831
3188
|
|
3832
3189
|
# Updates findings with the new values provided in the request.
|
3833
3190
|
#
|
3834
|
-
# @note When making an API call, you may pass UpdateFindingsRequest
|
3835
|
-
# data as a hash:
|
3836
|
-
#
|
3837
|
-
# {
|
3838
|
-
# analyzer_arn: "AnalyzerArn", # required
|
3839
|
-
# status: "ACTIVE", # required, accepts ACTIVE, ARCHIVED
|
3840
|
-
# ids: ["FindingId"],
|
3841
|
-
# resource_arn: "ResourceArn",
|
3842
|
-
# client_token: "String",
|
3843
|
-
# }
|
3844
|
-
#
|
3845
3191
|
# @!attribute [rw] analyzer_arn
|
3846
3192
|
# The [ARN of the analyzer][1] that generated the findings to update.
|
3847
3193
|
#
|
@@ -3934,18 +3280,6 @@ module Aws::AccessAnalyzer
|
|
3934
3280
|
include Aws::Structure
|
3935
3281
|
end
|
3936
3282
|
|
3937
|
-
# @note When making an API call, you may pass ValidatePolicyRequest
|
3938
|
-
# data as a hash:
|
3939
|
-
#
|
3940
|
-
# {
|
3941
|
-
# locale: "DE", # accepts DE, EN, ES, FR, IT, JA, KO, PT_BR, ZH_CN, ZH_TW
|
3942
|
-
# max_results: 1,
|
3943
|
-
# next_token: "Token",
|
3944
|
-
# policy_document: "PolicyDocument", # required
|
3945
|
-
# policy_type: "IDENTITY_POLICY", # required, accepts IDENTITY_POLICY, RESOURCE_POLICY, SERVICE_CONTROL_POLICY
|
3946
|
-
# validate_policy_resource_type: "AWS::S3::Bucket", # accepts AWS::S3::Bucket, AWS::S3::AccessPoint, AWS::S3::MultiRegionAccessPoint, AWS::S3ObjectLambda::AccessPoint, AWS::IAM::AssumeRolePolicyDocument
|
3947
|
-
# }
|
3948
|
-
#
|
3949
3283
|
# @!attribute [rw] locale
|
3950
3284
|
# The locale to use for localizing the findings.
|
3951
3285
|
# @return [String]
|
@@ -4072,13 +3406,6 @@ module Aws::AccessAnalyzer
|
|
4072
3406
|
#
|
4073
3407
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html
|
4074
3408
|
#
|
4075
|
-
# @note When making an API call, you may pass VpcConfiguration
|
4076
|
-
# data as a hash:
|
4077
|
-
#
|
4078
|
-
# {
|
4079
|
-
# vpc_id: "VpcId", # required
|
4080
|
-
# }
|
4081
|
-
#
|
4082
3409
|
# @!attribute [rw] vpc_id
|
4083
3410
|
# If this field is specified, this access point will only allow
|
4084
3411
|
# connections from the specified VPC ID.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-accessanalyzer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.33.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-01-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|