Module: Aws::AccessAnalyzer::Types

Defined in:

lib/aws-sdk-accessanalyzer/types.rb

Defined Under Namespace

Classes: Access, AccessDeniedException, AccessPreview, AccessPreviewFinding, AccessPreviewStatusReason, AccessPreviewSummary, AclGrantee, AnalysisRule, AnalysisRuleCriteria, AnalyzedResource, AnalyzedResourceSummary, AnalyzerConfiguration, AnalyzerSummary, ApplyArchiveRuleRequest, ArchiveRuleSummary, CancelPolicyGenerationRequest, CancelPolicyGenerationResponse, CheckAccessNotGrantedRequest, CheckAccessNotGrantedResponse, CheckNoNewAccessRequest, CheckNoNewAccessResponse, CheckNoPublicAccessRequest, CheckNoPublicAccessResponse, CloudTrailDetails, CloudTrailProperties, Configuration, ConflictException, CreateAccessPreviewRequest, CreateAccessPreviewResponse, CreateAnalyzerRequest, CreateAnalyzerResponse, CreateArchiveRuleRequest, CreateServiceLinkedAnalyzerRequest, CreateServiceLinkedAnalyzerResponse, Criterion, DeleteAnalyzerRequest, DeleteArchiveRuleRequest, DeleteServiceLinkedAnalyzerRequest, DynamodbStreamConfiguration, DynamodbTableConfiguration, EbsSnapshotConfiguration, EcrRepositoryConfiguration, EfsFileSystemConfiguration, ExternalAccessDetails, ExternalAccessFindingsStatistics, Finding, FindingAggregationAccountDetails, FindingDetails, FindingSource, FindingSourceDetail, FindingSummary, FindingSummaryV2, FindingsStatistics, GenerateFindingRecommendationRequest, GeneratedPolicy, GeneratedPolicyProperties, GeneratedPolicyResult, GetAccessPreviewRequest, GetAccessPreviewResponse, GetAnalyzedResourceRequest, GetAnalyzedResourceResponse, GetAnalyzerRequest, GetAnalyzerResponse, GetArchiveRuleRequest, GetArchiveRuleResponse, GetFindingRecommendationRequest, GetFindingRecommendationResponse, GetFindingRequest, GetFindingResponse, GetFindingV2Request, GetFindingV2Response, GetFindingsStatisticsRequest, GetFindingsStatisticsResponse, GetGeneratedPolicyRequest, GetGeneratedPolicyResponse, IamRoleConfiguration, InlineArchiveRule, InternalAccessAnalysisRule, InternalAccessAnalysisRuleCriteria, InternalAccessConfiguration, InternalAccessDetails, InternalAccessFindingsStatistics, InternalAccessResourceTypeDetails, InternalServerException, InternetConfiguration, InvalidParameterException, JobDetails, JobError, KmsGrantConfiguration, KmsGrantConstraints, KmsKeyConfiguration, ListAccessPreviewFindingsRequest, ListAccessPreviewFindingsResponse, ListAccessPreviewsRequest, ListAccessPreviewsResponse, ListAnalyzedResourcesRequest, ListAnalyzedResourcesResponse, ListAnalyzersRequest, ListAnalyzersResponse, ListArchiveRulesRequest, ListArchiveRulesResponse, ListFindingsRequest, ListFindingsResponse, ListFindingsV2Request, ListFindingsV2Response, ListPolicyGenerationsRequest, ListPolicyGenerationsResponse, ListTagsForResourceRequest, ListTagsForResourceResponse, Location, NetworkOriginConfiguration, PathElement, PolicyGeneration, PolicyGenerationDetails, Position, RdsDbClusterSnapshotAttributeValue, RdsDbClusterSnapshotConfiguration, RdsDbSnapshotAttributeValue, RdsDbSnapshotConfiguration, ReasonSummary, RecommendationError, RecommendedStep, ResourceNotFoundException, ResourceTypeDetails, S3AccessPointConfiguration, S3BucketAclGrantConfiguration, S3BucketConfiguration, S3ExpressDirectoryAccessPointConfiguration, S3ExpressDirectoryBucketConfiguration, S3PublicAccessBlockConfiguration, SecretsManagerSecretConfiguration, ServiceQuotaExceededException, SnsTopicConfiguration, SortCriteria, Span, SqsQueueConfiguration, StartPolicyGenerationRequest, StartPolicyGenerationResponse, StartResourceScanRequest, StatusReason, Substring, TagResourceRequest, TagResourceResponse, ThrottlingException, Trail, TrailProperties, UnprocessableEntityException, UntagResourceRequest, UntagResourceResponse, UnusedAccessConfiguration, UnusedAccessFindingsStatistics, UnusedAccessTypeStatistics, UnusedAction, UnusedIamRoleDetails, UnusedIamUserAccessKeyDetails, UnusedIamUserPasswordDetails, UnusedPermissionDetails, UnusedPermissionsRecommendedStep, UpdateAnalyzerRequest, UpdateAnalyzerResponse, UpdateArchiveRuleRequest, UpdateFindingsRequest, ValidatePolicyFinding, ValidatePolicyRequest, ValidatePolicyResponse, ValidationException, ValidationExceptionField, VpcConfiguration

Instance Attribute Summary

• #account_ids ⇒ Array<String>

  The Amazon Web Services account IDs that have access to the manual Amazon RDS DB snapshot.

• #dynamodb_stream ⇒ Types::DynamodbStreamConfiguration

  The access control configuration is for a DynamoDB stream.

• #dynamodb_table ⇒ Types::DynamodbTableConfiguration

  The access control configuration is for a DynamoDB table or index.

• #ebs_snapshot ⇒ Types::EbsSnapshotConfiguration

  The access control configuration is for an Amazon EBS volume snapshot.

• #ecr_repository ⇒ Types::EcrRepositoryConfiguration

  The access control configuration is for an Amazon ECR repository.

• #efs_file_system ⇒ Types::EfsFileSystemConfiguration

  The access control configuration is for an Amazon EFS file system.

• #external_access_details ⇒ Types::ExternalAccessDetails

  The details for an external access analyzer finding.

• #external_access_findings_statistics ⇒ Types::ExternalAccessFindingsStatistics

  The aggregate statistics for an external access analyzer.

• #iam_role ⇒ Types::IamRoleConfiguration

  The access control configuration is for an IAM role.

• #id ⇒ String

  The value specified is the canonical user ID of an Amazon Web Services account.

• #index ⇒ Integer

  Refers to an index in a JSON array.

• #internal_access ⇒ Types::InternalAccessConfiguration

  Specifies the configuration of an internal access analyzer for an Amazon Web Services organization or account.

• #internal_access_details ⇒ Types::InternalAccessDetails

  The details for an internal access analyzer finding.

• #internal_access_findings_statistics ⇒ Types::InternalAccessFindingsStatistics

  The aggregate statistics for an internal access analyzer.

• #internet_configuration ⇒ Types::InternetConfiguration

  The configuration for the Amazon S3 access point or multi-region access point with an ‘Internet` origin.

• #key ⇒ String

  Refers to a key in a JSON object.

• #kms_key ⇒ Types::KmsKeyConfiguration

  The access control configuration is for a KMS key.

• #rds_db_cluster_snapshot ⇒ Types::RdsDbClusterSnapshotConfiguration

  The access control configuration is for an Amazon RDS DB cluster snapshot.

• #rds_db_snapshot ⇒ Types::RdsDbSnapshotConfiguration

  The access control configuration is for an Amazon RDS DB snapshot.

• #s3_bucket ⇒ Types::S3BucketConfiguration

  The access control configuration is for an Amazon S3 bucket.

• #s3_express_directory_bucket ⇒ Types::S3ExpressDirectoryBucketConfiguration

  The access control configuration is for an Amazon S3 directory bucket.

• #secrets_manager_secret ⇒ Types::SecretsManagerSecretConfiguration

  The access control configuration is for a Secrets Manager secret.

• #sns_topic ⇒ Types::SnsTopicConfiguration

  The access control configuration is for an Amazon SNS topic.

• #sqs_queue ⇒ Types::SqsQueueConfiguration

  The access control configuration is for an Amazon SQS queue.

• #substring ⇒ Types::Substring

  Refers to a substring of a literal string in a JSON object.

• #unused_access ⇒ Types::UnusedAccessConfiguration

  Specifies the configuration of an unused access analyzer for an Amazon Web Services organization or account.

• #unused_access_findings_statistics ⇒ Types::UnusedAccessFindingsStatistics

  The aggregate statistics for an unused access analyzer.

• #unused_iam_role_details ⇒ Types::UnusedIamRoleDetails

  The details for an unused access analyzer finding with an unused IAM role finding type.

• #unused_iam_user_access_key_details ⇒ Types::UnusedIamUserAccessKeyDetails

  The details for an unused access analyzer finding with an unused IAM user access key finding type.

• #unused_iam_user_password_details ⇒ Types::UnusedIamUserPasswordDetails

  The details for an unused access analyzer finding with an unused IAM user password finding type.

• #unused_permission_details ⇒ Types::UnusedPermissionDetails

  The details for an unused access analyzer finding with an unused permission finding type.

• #unused_permissions_recommended_step ⇒ Types::UnusedPermissionsRecommendedStep

  A recommended step for an unused permissions finding.

• #uri ⇒ String

  Used for granting permissions to a predefined group.

• #value ⇒ String

  Refers to the value associated with a given key in a JSON object.

• #vpc_configuration ⇒ Types::VpcConfiguration

  The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point.

Instance Attribute Details

#account_ids ⇒ Array<String>

The Amazon Web Services account IDs that have access to the manual Amazon RDS DB snapshot. If the value ‘all` is specified, then the Amazon RDS DB snapshot is public and can be copied or restored by all Amazon Web Services accounts.

• If the configuration is for an existing Amazon RDS DB snapshot and you do not specify the ‘accountIds` in `RdsDbSnapshotAttributeValue`, then the access preview uses the existing shared `accountIds` for the snapshot.

• If the access preview is for a new resource and you do not specify the specify the ‘accountIds` in `RdsDbSnapshotAttributeValue`, then the access preview considers the snapshot without any attributes.

• To propose deletion of an existing shared ‘accountIds`, you can specify an empty list for `accountIds` in the `RdsDbSnapshotAttributeValue`.

Returns:

• (Array<String>)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3781

class RdsDbClusterSnapshotAttributeValue < Struct.new(
  :account_ids,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class AccountIds < RdsDbClusterSnapshotAttributeValue; end
  class Unknown < RdsDbClusterSnapshotAttributeValue; end
end

#dynamodb_stream ⇒ Types::DynamodbStreamConfiguration

The access control configuration is for a DynamoDB stream.

Returns:

• (Types::DynamodbStreamConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#dynamodb_table ⇒ Types::DynamodbTableConfiguration

The access control configuration is for a DynamoDB table or index.

Returns:

• (Types::DynamodbTableConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#ebs_snapshot ⇒ Types::EbsSnapshotConfiguration

The access control configuration is for an Amazon EBS volume snapshot.

Returns:

• (Types::EbsSnapshotConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#ecr_repository ⇒ Types::EcrRepositoryConfiguration

The access control configuration is for an Amazon ECR repository.

Returns:

• (Types::EcrRepositoryConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#efs_file_system ⇒ Types::EfsFileSystemConfiguration

The access control configuration is for an Amazon EFS file system.

Returns:

• (Types::EfsFileSystemConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#external_access_details ⇒ Types::ExternalAccessDetails

The details for an external access analyzer finding.

Returns:

• (Types::ExternalAccessDetails)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 1811

class FindingDetails < Struct.new(
  :internal_access_details,
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class InternalAccessDetails < FindingDetails; end
  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#external_access_findings_statistics ⇒ Types::ExternalAccessFindingsStatistics

The aggregate statistics for an external access analyzer.

Returns:

• (Types::ExternalAccessFindingsStatistics)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 2056

class FindingsStatistics < Struct.new(
  :external_access_findings_statistics,
  :internal_access_findings_statistics,
  :unused_access_findings_statistics,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessFindingsStatistics < FindingsStatistics; end
  class InternalAccessFindingsStatistics < FindingsStatistics; end
  class UnusedAccessFindingsStatistics < FindingsStatistics; end
  class Unknown < FindingsStatistics; end
end

#iam_role ⇒ Types::IamRoleConfiguration

The access control configuration is for an IAM role.

Returns:

• (Types::IamRoleConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#id ⇒ String

The value specified is the canonical user ID of an Amazon Web Services account.

Returns:

• (String)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 308

class AclGrantee < Struct.new(
  :id,
  :uri,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Id < AclGrantee; end
  class Uri < AclGrantee; end
  class Unknown < AclGrantee; end
end

#index ⇒ Integer

Refers to an index in a JSON array.

Returns:

• (Integer)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3656

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#internal_access ⇒ Types::InternalAccessConfiguration

Specifies the configuration of an internal access analyzer for an Amazon Web Services organization or account. This configuration determines how the analyzer evaluates access within your Amazon Web Services environment.

Returns:

• (Types::InternalAccessConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 485

class AnalyzerConfiguration < Struct.new(
  :unused_access,
  :internal_access,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class UnusedAccess < AnalyzerConfiguration; end
  class InternalAccess < AnalyzerConfiguration; end
  class Unknown < AnalyzerConfiguration; end
end

#internal_access_details ⇒ Types::InternalAccessDetails

The details for an internal access analyzer finding. This contains information about access patterns identified within your Amazon Web Services organization or account.

Returns:

• (Types::InternalAccessDetails)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 1811

class FindingDetails < Struct.new(
  :internal_access_details,
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class InternalAccessDetails < FindingDetails; end
  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#internal_access_findings_statistics ⇒ Types::InternalAccessFindingsStatistics

The aggregate statistics for an internal access analyzer. This includes information about active, archived, and resolved findings related to internal access within your Amazon Web Services organization or account.

Returns:

• (Types::InternalAccessFindingsStatistics)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 2056

class FindingsStatistics < Struct.new(
  :external_access_findings_statistics,
  :internal_access_findings_statistics,
  :unused_access_findings_statistics,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessFindingsStatistics < FindingsStatistics; end
  class InternalAccessFindingsStatistics < FindingsStatistics; end
  class UnusedAccessFindingsStatistics < FindingsStatistics; end
  class Unknown < FindingsStatistics; end
end

#internet_configuration ⇒ Types::InternetConfiguration

The configuration for the Amazon S3 access point or multi-region access point with an ‘Internet` origin.

Returns:

• (Types::InternetConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3620

class NetworkOriginConfiguration < Struct.new(
  :vpc_configuration,
  :internet_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class VpcConfiguration < NetworkOriginConfiguration; end
  class InternetConfiguration < NetworkOriginConfiguration; end
  class Unknown < NetworkOriginConfiguration; end
end

#key ⇒ String

Refers to a key in a JSON object.

Returns:

• (String)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3656

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#kms_key ⇒ Types::KmsKeyConfiguration

The access control configuration is for a KMS key.

Returns:

• (Types::KmsKeyConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#rds_db_cluster_snapshot ⇒ Types::RdsDbClusterSnapshotConfiguration

The access control configuration is for an Amazon RDS DB cluster snapshot.

Returns:

• (Types::RdsDbClusterSnapshotConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#rds_db_snapshot ⇒ Types::RdsDbSnapshotConfiguration

The access control configuration is for an Amazon RDS DB snapshot.

Returns:

• (Types::RdsDbSnapshotConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#s3_bucket ⇒ Types::S3BucketConfiguration

The access control configuration is for an Amazon S3 bucket.

Returns:

• (Types::S3BucketConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#s3_express_directory_bucket ⇒ Types::S3ExpressDirectoryBucketConfiguration

The access control configuration is for an Amazon S3 directory bucket.

Returns:

• (Types::S3ExpressDirectoryBucketConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#secrets_manager_secret ⇒ Types::SecretsManagerSecretConfiguration

The access control configuration is for a Secrets Manager secret.

Returns:

• (Types::SecretsManagerSecretConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#sns_topic ⇒ Types::SnsTopicConfiguration

The access control configuration is for an Amazon SNS topic

Returns:

• (Types::SnsTopicConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#sqs_queue ⇒ Types::SqsQueueConfiguration

The access control configuration is for an Amazon SQS queue.

Returns:

• (Types::SqsQueueConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 969

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#substring ⇒ Types::Substring

Refers to a substring of a literal string in a JSON object.

Returns:

• (Types::Substring)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3656

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#unused_access ⇒ Types::UnusedAccessConfiguration

Specifies the configuration of an unused access analyzer for an Amazon Web Services organization or account.

Returns:

• (Types::UnusedAccessConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 485

class AnalyzerConfiguration < Struct.new(
  :unused_access,
  :internal_access,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class UnusedAccess < AnalyzerConfiguration; end
  class InternalAccess < AnalyzerConfiguration; end
  class Unknown < AnalyzerConfiguration; end
end

#unused_access_findings_statistics ⇒ Types::UnusedAccessFindingsStatistics

The aggregate statistics for an unused access analyzer.

Returns:

• (Types::UnusedAccessFindingsStatistics)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 2056

class FindingsStatistics < Struct.new(
  :external_access_findings_statistics,
  :internal_access_findings_statistics,
  :unused_access_findings_statistics,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessFindingsStatistics < FindingsStatistics; end
  class InternalAccessFindingsStatistics < FindingsStatistics; end
  class UnusedAccessFindingsStatistics < FindingsStatistics; end
  class Unknown < FindingsStatistics; end
end

#unused_iam_role_details ⇒ Types::UnusedIamRoleDetails

The details for an unused access analyzer finding with an unused IAM role finding type.

Returns:

• (Types::UnusedIamRoleDetails)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 1811

class FindingDetails < Struct.new(
  :internal_access_details,
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class InternalAccessDetails < FindingDetails; end
  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_iam_user_access_key_details ⇒ Types::UnusedIamUserAccessKeyDetails

The details for an unused access analyzer finding with an unused IAM user access key finding type.

Returns:

• (Types::UnusedIamUserAccessKeyDetails)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 1811

class FindingDetails < Struct.new(
  :internal_access_details,
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class InternalAccessDetails < FindingDetails; end
  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_iam_user_password_details ⇒ Types::UnusedIamUserPasswordDetails

The details for an unused access analyzer finding with an unused IAM user password finding type.

Returns:

• (Types::UnusedIamUserPasswordDetails)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 1811

class FindingDetails < Struct.new(
  :internal_access_details,
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class InternalAccessDetails < FindingDetails; end
  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_permission_details ⇒ Types::UnusedPermissionDetails

The details for an unused access analyzer finding with an unused permission finding type.

Returns:

• (Types::UnusedPermissionDetails)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 1811

class FindingDetails < Struct.new(
  :internal_access_details,
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class InternalAccessDetails < FindingDetails; end
  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_permissions_recommended_step ⇒ Types::UnusedPermissionsRecommendedStep

A recommended step for an unused permissions finding.

Returns:

• (Types::UnusedPermissionsRecommendedStep)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3976

class RecommendedStep < Struct.new(
  :unused_permissions_recommended_step,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class UnusedPermissionsRecommendedStep < RecommendedStep; end
  class Unknown < RecommendedStep; end
end

#uri ⇒ String

Used for granting permissions to a predefined group.

Returns:

• (String)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 308

class AclGrantee < Struct.new(
  :id,
  :uri,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Id < AclGrantee; end
  class Uri < AclGrantee; end
  class Unknown < AclGrantee; end
end

#value ⇒ String

Refers to the value associated with a given key in a JSON object.

Returns:

• (String)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3656

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#vpc_configuration ⇒ Types::VpcConfiguration

The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point. VPC configuration does not apply to multi-region access points. For more information, see [VpcConfiguration].

[1]: docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html

Returns:

• (Types::VpcConfiguration)

# File 'lib/aws-sdk-accessanalyzer/types.rb', line 3620

class NetworkOriginConfiguration < Struct.new(
  :vpc_configuration,
  :internet_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class VpcConfiguration < NetworkOriginConfiguration; end
  class InternetConfiguration < NetworkOriginConfiguration; end
  class Unknown < NetworkOriginConfiguration; end
end