integrations.sh
← all integrations

amazonaws.com – accessanalyzer

OpenAPI apis-guru cloud

Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to identify any policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An external principal can be another Amazon Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to preview and validate public and cross-account access to your resources before deploying permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can call programmatically. For general information about IAM Access Analyzer, see in the IAM User Guide.

To start using IAM Access Analyzer, you first need to create an analyzer.

Homepage
https://api.apis.guru/v2/specs/amazonaws.com:accessanalyzer/2019-11-01.json
Provider
amazonaws.com:accessanalyzer / accessanalyzer
OpenAPI version
3.0.0
Spec (JSON)
https://api.apis.guru/v2/specs/amazonaws.com/accessanalyzer/2019-11-01/openapi.json
Spec (YAML)
https://api.apis.guru/v2/specs/amazonaws.com/accessanalyzer/2019-11-01/openapi.yaml

Tools (30)

Extracted live via the executor SDK.

  • accessPreview.createAccessPreview

    Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions.

  • accessPreview.getAccessPreview

    Retrieves information about an access preview for the specified analyzer.

  • accessPreview.listAccessPreviewFindings

    Retrieves a list of access preview findings generated by the specified access preview.

  • accessPreviewAnalyzerArn.listAccessPreviews

    Retrieves a list of access previews for the specified analyzer.

  • analyzedResource.listAnalyzedResources

    Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer..

  • analyzedResourceAnalyzerArnResourceArn.getAnalyzedResource

    Retrieves information about a resource that was analyzed.

  • analyzer.createAnalyzer

    Creates an analyzer for your account.

  • analyzer.createArchiveRule

    Creates an archive rule for the specified analyzer. Archive rules automatically archive new findings that meet the criteria you define when you create the rule.

    To learn about filter keys that you can use to create an archive rule, see in the IAM User Guide.

  • analyzer.deleteAnalyzer

    Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled for the account or organization in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.

  • analyzer.deleteArchiveRule

    Deletes the specified archive rule.

  • analyzer.getAnalyzer

    Retrieves information about the specified analyzer.

  • analyzer.getArchiveRule

    Retrieves information about an archive rule.

    To learn about filter keys that you can use to create an archive rule, see in the IAM User Guide.

  • analyzer.listAnalyzers

    Retrieves a list of analyzers.

  • analyzer.listArchiveRules

    Retrieves a list of archive rules created for the specified analyzer.

  • analyzer.updateArchiveRule

    Updates the criteria and values for the specified archive rule.

  • archiveRule.applyArchiveRule

    Retroactively applies the archive rule to existing findings that meet the archive rule criteria.

  • finding.getFinding

    Retrieves information about the specified finding.

  • finding.listFindings

    Retrieves a list of findings generated by the specified analyzer.

    To learn about filter keys that you can use to retrieve a list of findings, see in the IAM User Guide.

  • finding.updateFindings

    Updates the status for the specified findings.

  • policy.cancelPolicyGeneration

    Cancels the requested policy generation.

  • policy.getGeneratedPolicy

    Retrieves the policy that was generated using StartPolicyGeneration.

  • policy.listPolicyGenerations

    Lists all of the policy generations requested in the last seven days.

  • policy.startPolicyGeneration

    Starts the policy generation request.

  • policy.validatePolicy

    Requests the validation of a policy and returns a list of findings. The findings help you identify issues and provide actionable recommendations to resolve the issue and enable you to author functional policies that meet security best practices.

  • resource.startResourceScan

    Immediately starts a scan of the policies applied to the specified resource.

  • tags.listTagsForResource

    Retrieves a list of tags applied to the specified resource.

  • tags.tagResource

    Adds a tag to the specified resource.

  • tags.untagResource

    Removes a tag from the specified resource.

  • openapi.previewSpec

    Preview an OpenAPI document before adding it as a source

  • openapi.addSource

    Add an OpenAPI source and register its operations as tools