You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Sources/Soto/Services/AccessAnalyzer/AccessAnalyzer_api.swift
+38-6Lines changed: 38 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -179,9 +179,9 @@ public struct AccessAnalyzer: AWSService {
179
179
/// Checks whether the specified access isn't allowed by a policy.
180
180
///
181
181
/// Parameters:
182
-
/// - access: An access object containing the permissions that shouldn't be granted by the specified policy. If only actions are specified, IAM Access Analyzer checks for access of the actions on all resources in the policy. If only resources are specified, then IAM Access Analyzer checks which actions have access to the specified resources. If both actions and resources are specified, then IAM Access Analyzer checks which of the specified actions have access to the specified resources.
182
+
/// - access: An access object containing the permissions that shouldn't be granted by the specified policy. If only actions are specified, IAM Access Analyzer checks for access to peform at least one of the actions on any resource in the policy. If only resources are specified, then IAM Access Analyzer checks for access to perform any action on at least one of the resources. If both actions and resources are specified, IAM Access Analyzer checks for access to perform at least one of the specified actions on at least one of the specified resources.
183
183
/// - policyDocument: The JSON policy document to use as the content for the policy.
184
-
/// - policyType: The type of policy. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups. Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.
184
+
/// - policyType: The type of policy. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups. Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets.
185
185
/// - logger: Logger use during operation
186
186
@inlinable
187
187
publicfunc checkAccessNotGranted(
@@ -319,8 +319,8 @@ public struct AccessAnalyzer: AWSService {
319
319
/// - analyzerName: The name of the analyzer to create.
320
320
/// - archiveRules: Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
321
321
/// - clientToken: A client token.
322
-
/// - configuration: Specifies the configuration of the analyzer. If the analyzer is an unused access analyzer, the specified scope of unused access is used for the configuration. If the analyzer is an external access analyzer, this field is not used.
323
-
/// - tags: An array of key-value pairs to apply to the analyzer.
322
+
/// - configuration: Specifies the configuration of the analyzer. If the analyzer is an unused access analyzer, the specified scope of unused access is used for the configuration.
323
+
/// - tags: An array of key-value pairs to apply to the analyzer. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:. For the tag value, you can specify a value that is 0 to 256 characters in length.
324
324
/// - type: The type of analyzer to create. Only ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS, and ORGANIZATION_UNUSED_ACCESS analyzers are supported. You can create only one analyzer per account per Region. You can create up to 5 analyzers per organization per Region.
325
325
/// - logger: Logger use during operation
326
326
@inlinable
@@ -825,7 +825,7 @@ public struct AccessAnalyzer: AWSService {
/// Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer. This action is not supported for unused access analyzers.
828
+
/// Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer.
@@ -838,7 +838,7 @@ public struct AccessAnalyzer: AWSService {
838
838
logger: logger
839
839
)
840
840
}
841
-
/// Retrieves a list of resources of the specified type that have been analyzed by the specified external access analyzer. This action is not supported for unused access analyzers.
841
+
/// Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer.
842
842
///
843
843
/// Parameters:
844
844
/// - analyzerArn: The ARN of the analyzer to retrieve a list of analyzed resources from.
@@ -1213,6 +1213,38 @@ public struct AccessAnalyzer: AWSService {
![soto-automation[bot]](https://avatars.githubusercontent.com/u/29722075?v=4&size=40){kind=avatar}
0 commit comments