accessanalyzer: Access Analyzer
In paws: Amazon Web Services Software Development Kit
accessanalyzer R Documentation
Access Analyzer
Description
Identity and Access Management Access Analyzer helps identify potential
resource-access risks by enabling you to identify any policies that
grant access to an external principal. It does this by using logic-based
reasoning to analyze resource-based policies in your Amazon Web Services
environment. An external principal can be another Amazon Web Services
account, a root user, an IAM user or role, a federated user, an Amazon
Web Services service, or an anonymous user. You can also use IAM Access
Analyzer to preview and validate public and cross-account access to your
resources before deploying permissions changes. This guide describes the
Identity and Access Management Access Analyzer operations that you can
call programmatically. For general information about IAM Access
Analyzer, see Identity and Access Management Access Analyzer
in the IAM User Guide.
To start using IAM Access Analyzer, you first need to create an
analyzer.
Usage
accessanalyzer(
config = list(),
credentials = list(),
endpoint = NULL,
region = NULL
)
Arguments
config
Optional configuration of credentials, endpoint, and/or region.
credentials:
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
endpoint: The complete URL to use for the constructed client.
region: The AWS Region used in instantiating the client.
close_connection: Immediately close all HTTP connections.
timeout: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.
s3_force_path_style: Set this to true to force the request to use path-style addressing, i.e. http://s3.amazonaws.com/BUCKET/KEY.
sts_regional_endpoint: Set sts regional endpoint resolver to regional or legacy https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html
credentials
Optional credentials shorthand for the config parameter
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
endpoint
Optional shorthand for complete URL to use for the constructed client.
region
Optional shorthand for AWS Region used in instantiating the client.
Value
A client for the service. You can call the service's operations using
syntax like svc$operation(...), where svc is the name you've assigned
to the client. The available operations are listed in the
Operations section.
Service syntax
svc <- accessanalyzer(
config = list(
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string",
close_connection = "logical",
timeout = "numeric",
s3_force_path_style = "logical",
sts_regional_endpoint = "string"
),
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string"
)
Operations
apply_archive_rule Retroactively applies the archive rule to existing findings that meet the archive rule criteria
cancel_policy_generation Cancels the requested policy generation
create_access_preview Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions
create_analyzer Creates an analyzer for your account
create_archive_rule Creates an archive rule for the specified analyzer
delete_analyzer Deletes the specified analyzer
delete_archive_rule Deletes the specified archive rule
get_access_preview Retrieves information about an access preview for the specified analyzer
get_analyzed_resource Retrieves information about a resource that was analyzed
get_analyzer Retrieves information about the specified analyzer
get_archive_rule Retrieves information about an archive rule
get_finding Retrieves information about the specified finding
get_generated_policy Retrieves the policy that was generated using StartPolicyGeneration
list_access_preview_findings Retrieves a list of access preview findings generated by the specified access preview
list_access_previews Retrieves a list of access previews for the specified analyzer
list_analyzed_resources Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer
list_analyzers Retrieves a list of analyzers
list_archive_rules Retrieves a list of archive rules created for the specified analyzer
list_findings Retrieves a list of findings generated by the specified analyzer
list_policy_generations Lists all of the policy generations requested in the last seven days
list_tags_for_resource Retrieves a list of tags applied to the specified resource
start_policy_generation Starts the policy generation request
start_resource_scan Immediately starts a scan of the policies applied to the specified resource
tag_resource Adds a tag to the specified resource
untag_resource Removes a tag from the specified resource
update_archive_rule Updates the criteria and values for the specified archive rule
update_findings Updates the status for the specified findings
validate_policy Requests the validation of a policy and returns a list of findings
Examples
## Not run:
svc <- accessanalyzer()
svc$apply_archive_rule(
Foo = 123
)
## End(Not run)
paws documentation built on Sept. 15, 2023, 5:06 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
| accessanalyzer | R Documentation |
Access Analyzer
Description
Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to identify any policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An external principal can be another Amazon Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to preview and validate public and cross-account access to your resources before deploying permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can call programmatically. For general information about IAM Access Analyzer, see Identity and Access Management Access Analyzer in the IAM User Guide.
To start using IAM Access Analyzer, you first need to create an analyzer.
Usage
accessanalyzer(
config = list(),
credentials = list(),
endpoint = NULL,
region = NULL
)
Arguments
config |
Optional configuration of credentials, endpoint, and/or region.
|
credentials |
Optional credentials shorthand for the config parameter
|
endpoint |
Optional shorthand for complete URL to use for the constructed client. |
region |
Optional shorthand for AWS Region used in instantiating the client. |
Value
A client for the service. You can call the service's operations using
syntax like svc$operation(...), where svc is the name you've assigned
to the client. The available operations are listed in the
Operations section.
Service syntax
svc <- accessanalyzer(
config = list(
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string",
close_connection = "logical",
timeout = "numeric",
s3_force_path_style = "logical",
sts_regional_endpoint = "string"
),
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string"
)
Operations
| apply_archive_rule | Retroactively applies the archive rule to existing findings that meet the archive rule criteria |
| cancel_policy_generation | Cancels the requested policy generation |
| create_access_preview | Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions |
| create_analyzer | Creates an analyzer for your account |
| create_archive_rule | Creates an archive rule for the specified analyzer |
| delete_analyzer | Deletes the specified analyzer |
| delete_archive_rule | Deletes the specified archive rule |
| get_access_preview | Retrieves information about an access preview for the specified analyzer |
| get_analyzed_resource | Retrieves information about a resource that was analyzed |
| get_analyzer | Retrieves information about the specified analyzer |
| get_archive_rule | Retrieves information about an archive rule |
| get_finding | Retrieves information about the specified finding |
| get_generated_policy | Retrieves the policy that was generated using StartPolicyGeneration |
| list_access_preview_findings | Retrieves a list of access preview findings generated by the specified access preview |
| list_access_previews | Retrieves a list of access previews for the specified analyzer |
| list_analyzed_resources | Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer |
| list_analyzers | Retrieves a list of analyzers |
| list_archive_rules | Retrieves a list of archive rules created for the specified analyzer |
| list_findings | Retrieves a list of findings generated by the specified analyzer |
| list_policy_generations | Lists all of the policy generations requested in the last seven days |
| list_tags_for_resource | Retrieves a list of tags applied to the specified resource |
| start_policy_generation | Starts the policy generation request |
| start_resource_scan | Immediately starts a scan of the policies applied to the specified resource |
| tag_resource | Adds a tag to the specified resource |
| untag_resource | Removes a tag from the specified resource |
| update_archive_rule | Updates the criteria and values for the specified archive rule |
| update_findings | Updates the status for the specified findings |
| validate_policy | Requests the validation of a policy and returns a list of findings |
Examples
## Not run:
svc <- accessanalyzer()
svc$apply_archive_rule(
Foo = 123
)
## End(Not run)
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.