AccessAnalyzer class
AWS IAM Access Analyzer helps identify potential resource-access risks by enabling you to identify any policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your AWS environment. An external principal can be another AWS account, a root user, an IAM user or role, a federated user, an AWS service, or an anonymous user. This guide describes the AWS IAM Access Analyzer operations that you can call programmatically. For general information about Access Analyzer, see AWS IAM Access Analyzer in the IAM User Guide.
To start using Access Analyzer, you first need to create an analyzer.
Constructors
- AccessAnalyzer({required String region, AwsClientCredentials? credentials, AwsClientCredentialsProvider? credentialsProvider, Client? client, String? endpointUrl})
Properties
- hashCode → int
-
The hash code for this object.
no setterinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
no setterinherited
Methods
-
applyArchiveRule(
{required String analyzerArn, required String ruleName, String? clientToken}) → Future< void> - Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
-
close(
) → void - Closes the internal HTTP client if none was provided at creation. If a client was passed as a constructor argument, this becomes a noop.
-
createAnalyzer(
{required String analyzerName, required Type type, List< InlineArchiveRule> ? archiveRules, String? clientToken, Map<String, String> ? tags}) → Future<CreateAnalyzerResponse> - Creates an analyzer for your account.
-
createArchiveRule(
{required String analyzerName, required Map< String, Criterion> filter, required String ruleName, String? clientToken}) → Future<void> - Creates an archive rule for the specified analyzer. Archive rules automatically archive new findings that meet the criteria you define when you create the rule.
-
deleteAnalyzer(
{required String analyzerName, String? clientToken}) → Future< void> - Deletes the specified analyzer. When you delete an analyzer, Access Analyzer is disabled for the account in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.
-
deleteArchiveRule(
{required String analyzerName, required String ruleName, String? clientToken}) → Future< void> - Deletes the specified archive rule.
-
getAnalyzedResource(
{required String analyzerArn, required String resourceArn}) → Future< GetAnalyzedResourceResponse> - Retrieves information about a resource that was analyzed.
-
getAnalyzer(
{required String analyzerName}) → Future< GetAnalyzerResponse> - Retrieves information about the specified analyzer.
-
getArchiveRule(
{required String analyzerName, required String ruleName}) → Future< GetArchiveRuleResponse> - Retrieves information about an archive rule.
-
getFinding(
{required String analyzerArn, required String id}) → Future< GetFindingResponse> - Retrieves information about the specified finding.
-
listAnalyzedResources(
{required String analyzerArn, int? maxResults, String? nextToken, ResourceType? resourceType}) → Future< ListAnalyzedResourcesResponse> - Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer..
-
listAnalyzers(
{int? maxResults, String? nextToken, Type? type}) → Future< ListAnalyzersResponse> - Retrieves a list of analyzers.
-
listArchiveRules(
{required String analyzerName, int? maxResults, String? nextToken}) → Future< ListArchiveRulesResponse> - Retrieves a list of archive rules created for the specified analyzer.
-
listFindings(
{required String analyzerArn, Map< String, Criterion> ? filter, int? maxResults, String? nextToken, SortCriteria? sort}) → Future<ListFindingsResponse> - Retrieves a list of findings generated by the specified analyzer.
-
listTagsForResource(
{required String resourceArn}) → Future< ListTagsForResourceResponse> - Retrieves a list of tags applied to the specified resource.
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
startResourceScan(
{required String analyzerArn, required String resourceArn}) → Future< void> - Immediately starts a scan of the policies applied to the specified resource.
-
tagResource(
{required String resourceArn, required Map< String, String> tags}) → Future<void> - Adds a tag to the specified resource.
-
toString(
) → String -
A string representation of this object.
inherited
-
untagResource(
{required String resourceArn, required List< String> tagKeys}) → Future<void> - Removes a tag from the specified resource.
-
updateArchiveRule(
{required String analyzerName, required Map< String, Criterion> filter, required String ruleName, String? clientToken}) → Future<void> - Updates the criteria and values for the specified archive rule.
-
updateFindings(
{required String analyzerArn, required FindingStatusUpdate status, String? clientToken, List< String> ? ids, String? resourceArn}) → Future<void> - Updates the status for the specified findings.
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited