Docs Home
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi
aws-native.accessanalyzer.getAnalyzer
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi
The AWS::AccessAnalyzer::Analyzer type specifies an analyzer of the user’s account
Using getAnalyzer
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getAnalyzer(args: GetAnalyzerArgs, opts?: InvokeOptions): Promise<GetAnalyzerResult>
function getAnalyzerOutput(args: GetAnalyzerOutputArgs, opts?: InvokeOptions): Output<GetAnalyzerResult>def get_analyzer(arn: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetAnalyzerResult
def get_analyzer_output(arn: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetAnalyzerResult]func LookupAnalyzer(ctx *Context, args *LookupAnalyzerArgs, opts ...InvokeOption) (*LookupAnalyzerResult, error)
func LookupAnalyzerOutput(ctx *Context, args *LookupAnalyzerOutputArgs, opts ...InvokeOption) LookupAnalyzerResultOutput> Note: This function is named LookupAnalyzer in the Go SDK.
public static class GetAnalyzer
{
public static Task<GetAnalyzerResult> InvokeAsync(GetAnalyzerArgs args, InvokeOptions? opts = null)
public static Output<GetAnalyzerResult> Invoke(GetAnalyzerInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetAnalyzerResult> getAnalyzer(GetAnalyzerArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws-native:accessanalyzer:getAnalyzer
arguments:
# arguments dictionaryThe following arguments are supported:
- Arn string
- Amazon Resource Name (ARN) of the analyzer
- Arn string
- Amazon Resource Name (ARN) of the analyzer
- arn String
- Amazon Resource Name (ARN) of the analyzer
- arn string
- Amazon Resource Name (ARN) of the analyzer
- arn str
- Amazon Resource Name (ARN) of the analyzer
- arn String
- Amazon Resource Name (ARN) of the analyzer
getAnalyzer Result
The following output properties are available:
- Analyzer
Configuration Pulumi.Aws Native. Access Analyzer. Outputs. Analyzer Configuration Properties - The configuration for the analyzer
- Archive
Rules List<Pulumi.Aws Native. Access Analyzer. Outputs. Analyzer Archive Rule> - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- Arn string
- Amazon Resource Name (ARN) of the analyzer
-
List<Pulumi.
Aws Native. Outputs. Tag> - An array of key-value pairs to apply to this resource.
- Analyzer
Configuration AnalyzerConfiguration Properties - The configuration for the analyzer
- Archive
Rules []AnalyzerArchive Rule - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- Arn string
- Amazon Resource Name (ARN) of the analyzer
- Tag
- An array of key-value pairs to apply to this resource.
- analyzer
Configuration AnalyzerConfiguration Properties - The configuration for the analyzer
- archive
Rules List<AnalyzerArchive Rule> - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- arn String
- Amazon Resource Name (ARN) of the analyzer
- List<Tag>
- An array of key-value pairs to apply to this resource.
- analyzer
Configuration AnalyzerConfiguration Properties - The configuration for the analyzer
- archive
Rules AnalyzerArchive Rule[] - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- arn string
- Amazon Resource Name (ARN) of the analyzer
- Tag[]
- An array of key-value pairs to apply to this resource.
- analyzer_
configuration AnalyzerConfiguration Properties - The configuration for the analyzer
- archive_
rules Sequence[AnalyzerArchive Rule] - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- arn str
- Amazon Resource Name (ARN) of the analyzer
- Sequence[root_Tag]
- An array of key-value pairs to apply to this resource.
- analyzer
Configuration Property Map - The configuration for the analyzer
- archive
Rules List<Property Map> - Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
- arn String
- Amazon Resource Name (ARN) of the analyzer
- List<Property Map>
- An array of key-value pairs to apply to this resource.
Supporting Types
AnalyzerAnalysisRuleCriteria
- Account
Ids List<string> - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
List<Immutable
Array<Pulumi. Aws Native. Access Analyzer. Inputs. Analyzer Tag>> An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- Account
Ids []string - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
[][]Analyzer
Tag An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account
Ids List<String> - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
List<List<Analyzer
Tag>> An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account
Ids string[] - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
Analyzer
Tag[][] An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account_
ids Sequence[str] - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
-
Sequence[Sequence[Analyzer
Tag]] An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
- account
Ids List<String> - A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
- List<List<Property Map>>
An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:.
For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key.
AnalyzerArchiveRule
- Filter
List<Pulumi.
Aws Native. Access Analyzer. Inputs. Analyzer Filter> - The criteria for the rule.
- Rule
Name string - The archive rule name
- Filter
[]Analyzer
Filter - The criteria for the rule.
- Rule
Name string - The archive rule name
- filter
List<Analyzer
Filter> - The criteria for the rule.
- rule
Name String - The archive rule name
- filter
Analyzer
Filter[] - The criteria for the rule.
- rule
Name string - The archive rule name
- filter
Sequence[Analyzer
Filter] - The criteria for the rule.
- rule_
name str - The archive rule name
- filter List<Property Map>
- The criteria for the rule.
- rule
Name String - The archive rule name
AnalyzerConfigurationProperties
- Unused
Access Pulumi.Configuration Aws Native. Access Analyzer. Inputs. Analyzer Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- Unused
Access AnalyzerConfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused
Access AnalyzerConfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused
Access AnalyzerConfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused_
access_ Analyzerconfiguration Unused Access Configuration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
- unused
Access Property MapConfiguration - Specifies the configuration of an unused access analyzer for an AWS organization or account.
AnalyzerFilter
- Property string
- The property used to define the criteria in the filter for the rule.
- Contains List<string>
- A "contains" condition to match for the rule.
- Eq List<string>
- An "equals" condition to match for the rule.
- Exists bool
- An "exists" condition to match for the rule.
- Neq List<string>
- A "not equal" condition to match for the rule.
- Property string
- The property used to define the criteria in the filter for the rule.
- Contains []string
- A "contains" condition to match for the rule.
- Eq []string
- An "equals" condition to match for the rule.
- Exists bool
- An "exists" condition to match for the rule.
- Neq []string
- A "not equal" condition to match for the rule.
- property String
- The property used to define the criteria in the filter for the rule.
- contains List<String>
- A "contains" condition to match for the rule.
- eq List<String>
- An "equals" condition to match for the rule.
- exists Boolean
- An "exists" condition to match for the rule.
- neq List<String>
- A "not equal" condition to match for the rule.
- property string
- The property used to define the criteria in the filter for the rule.
- contains string[]
- A "contains" condition to match for the rule.
- eq string[]
- An "equals" condition to match for the rule.
- exists boolean
- An "exists" condition to match for the rule.
- neq string[]
- A "not equal" condition to match for the rule.
- property str
- The property used to define the criteria in the filter for the rule.
- contains Sequence[str]
- A "contains" condition to match for the rule.
- eq Sequence[str]
- An "equals" condition to match for the rule.
- exists bool
- An "exists" condition to match for the rule.
- neq Sequence[str]
- A "not equal" condition to match for the rule.
- property String
- The property used to define the criteria in the filter for the rule.
- contains List<String>
- A "contains" condition to match for the rule.
- eq List<String>
- An "equals" condition to match for the rule.
- exists Boolean
- An "exists" condition to match for the rule.
- neq List<String>
- A "not equal" condition to match for the rule.
AnalyzerTag
- Key string
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Key string
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key string
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value string
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key str
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value str
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
- The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
- The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
AnalyzerUnusedAccessConfiguration
- Analysis
Rule Pulumi.Aws Native. Access Analyzer. Inputs. Analyzer Unused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- Unused
Access intAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- Analysis
Rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- Unused
Access intAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis
Rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- unused
Access IntegerAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis
Rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- unused
Access numberAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis_
rule AnalyzerUnused Access Configuration Analysis Rule Properties - Contains information about rules for the analyzer.
- unused_
access_ intage - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
- analysis
Rule Property Map - Contains information about rules for the analyzer.
- unused
Access NumberAge - The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days.
AnalyzerUnusedAccessConfigurationAnalysisRuleProperties
- Exclusions
List<Pulumi.
Aws Native. Access Analyzer. Inputs. Analyzer Analysis Rule Criteria> - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- Exclusions
[]Analyzer
Analysis Rule Criteria - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions
List<Analyzer
Analysis Rule Criteria> - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions
Analyzer
Analysis Rule Criteria[] - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions
Sequence[Analyzer
Analysis Rule Criteria] - A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
- exclusions List<Property Map>
- A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings.
Tag
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi