Class: Aws::AccessAnalyzer::Types::AccessPreviewFinding

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-accessanalyzer/types.rb

Overview

An access preview finding generated by the access preview.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#actionArray<String>

The action in the analyzed policy statement that an external principal has permission to perform.

Returns:

  • (Array<String>)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#change_typeString

Provides context on how the access preview finding compares to existing access identified in IAM Access Analyzer.

  • ‘New` - The finding is for newly-introduced access.

  • ‘Unchanged` - The preview finding is an existing finding that would remain unchanged.

  • ‘Changed` - The preview finding is an existing finding with a change in status.

For example, a ‘Changed` finding with preview status `Resolved` and existing status `Active` indicates the existing `Active` finding would become `Resolved` as a result of the proposed permissions change.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#conditionHash<String,String>

The condition in the analyzed policy statement that resulted in a finding.

Returns:

  • (Hash<String,String>)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#created_atTime

The time at which the access preview finding was created.

Returns:

  • (Time)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#errorString

An error.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#existing_finding_idString

The existing ID of the finding in IAM Access Analyzer, provided only for existing findings.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#existing_finding_statusString

The existing status of the finding, provided only for existing findings.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#idString

The ID of the access preview finding. This ID uniquely identifies the element in the list of access preview findings and is not related to the finding ID in Access Analyzer.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#is_publicBoolean

Indicates whether the policy that generated the finding allows public access to the resource.

Returns:

  • (Boolean)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#principalHash<String,String>

The external principal that has access to a resource within the zone of trust.

Returns:

  • (Hash<String,String>)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#resourceString

The resource that an external principal has access to. This is the resource associated with the access preview.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#resource_control_policy_restrictionString

The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#resource_owner_accountString

The Amazon Web Services account ID that owns the resource. For most Amazon Web Services resources, the owning account is the account in which the resource was created.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#resource_typeString

The type of the resource that can be accessed in the finding.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#sourcesArray<Types::FindingSource>

The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.

Returns:



202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end

#statusString

The preview status of the finding. This is what the status of the finding would be after permissions deployment. For example, a ‘Changed` finding with preview status `Resolved` and existing status `Active` indicates the existing `Active` finding would become `Resolved` as a result of the proposed permissions change.

Returns:

  • (String)


202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# File 'lib/aws-sdk-accessanalyzer/types.rb', line 202

class AccessPreviewFinding < Struct.new(
  :id,
  :existing_finding_id,
  :existing_finding_status,
  :principal,
  :action,
  :condition,
  :resource,
  :is_public,
  :resource_type,
  :created_at,
  :change_type,
  :status,
  :resource_owner_account,
  :error,
  :sources,
  :resource_control_policy_restriction)
  SENSITIVE = []
  include Aws::Structure
end