getServiceLastAccessedDetails method
Retrieves a service last accessed report that was created using the
GenerateServiceLastAccessedDetails operation. You can use the
JobId parameter in GetServiceLastAccessedDetails
to retrieve the status of your report job. When the report is complete,
you can retrieve the generated report. The report includes a list of AWS
services that the resource (user, group, role, or managed policy) can
access.
For each service that the resource could access using permissions
policies, the operation returns details about the most recent access
attempt. If there was no attempt, the service is listed without details
about the most recent attempt to access the service. If the operation
fails, the GetServiceLastAccessedDetails operation returns
the reason that it failed.
The GetServiceLastAccessedDetails operation returns a list of
services. This list includes the number of entities that have attempted to
access the service and the date and time of the last attempt. It also
returns the ARN of the following entity, depending on the resource ARN
that you used to generate the report:
- User – Returns the user ARN that you used to generate the report
- Group – Returns the ARN of the group member (user) that last attempted to access the service
- Role – Returns the role ARN that you used to generate the report
- Policy – Returns the ARN of the user or role that last used the policy to attempt to access the service
If you specified ACTION_LEVEL granularity when you generated
the report, this operation returns service and action last accessed data.
This includes the most recent access attempt for each tracked action
within a service. Otherwise, this operation returns only service data.
For more information about service and action last accessed data, see Reducing Permissions Using Service Last Accessed Data in the IAM User Guide.
May throw NoSuchEntityException. May throw InvalidInputException.
Parameter jobId :
The ID of the request generated by the
GenerateServiceLastAccessedDetails operation. The
JobId returned by
GenerateServiceLastAccessedDetail must be used by the same
role within a session, or by the same user when used to call
GetServiceLastAccessedDetail.
Parameter marker :
Use this parameter only when paginating results and only after you receive
a response indicating that the results are truncated. Set it to the value
of the Marker element in the response that you received to
indicate where the next call should start.
Parameter maxItems :
Use this only when paginating results to indicate the maximum number of
items you want in the response. If additional items exist beyond the
maximum you specify, the IsTruncated response element is
true.
If you do not include this parameter, the number of items defaults to 100.
Note that IAM might return fewer results, even when there are more results
available. In that case, the IsTruncated response element
returns true, and Marker contains a value to
include in the subsequent call that tells the service where to continue
from.
Implementation
Future<GetServiceLastAccessedDetailsResponse> getServiceLastAccessedDetails({
required String jobId,
String? marker,
int? maxItems,
}) async {
ArgumentError.checkNotNull(jobId, 'jobId');
_s.validateStringLength(
'jobId',
jobId,
36,
36,
isRequired: true,
);
_s.validateStringLength(
'marker',
marker,
1,
320,
);
_s.validateNumRange(
'maxItems',
maxItems,
1,
1000,
);
final $request = <String, dynamic>{};
$request['JobId'] = jobId;
marker?.also((arg) => $request['Marker'] = arg);
maxItems?.also((arg) => $request['MaxItems'] = arg);
final $result = await _protocol.send(
$request,
action: 'GetServiceLastAccessedDetails',
version: '2010-05-08',
method: 'POST',
requestUri: '/',
exceptionFnMap: _exceptionFns,
shape: shapes['GetServiceLastAccessedDetailsRequest'],
shapes: shapes,
resultWrapper: 'GetServiceLastAccessedDetailsResult',
);
return GetServiceLastAccessedDetailsResponse.fromXml($result);
}