SqsQueueConfiguration
The proposed access control configuration for an Amazon SQS queue. You can propose a configuration for a new Amazon SQS queue or an existing Amazon SQS queue that you own by specifying the Amazon SQS policy. If the configuration is for an existing Amazon SQS queue and you do not specify the Amazon SQS policy, the access preview uses the existing Amazon SQS policy for the queue. If the access preview is for a new resource and you do not specify the policy, the access preview assumes an Amazon SQS queue without a policy. To propose deletion of an existing Amazon SQS queue policy, you can specify an empty string for the Amazon SQS policy. For more information about Amazon SQS policy limits, see Quotas related to policies.
Contents
queuePolicy
The proposed resource policy for the Amazon SQS queue.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
StatusReason
StatusReason
Provides more details about the current status of the analyzer. For example, if the creation for the analyzer fails, a Failed status is returned. For an analyzer with organization as the type, this failure can be due to an issue with creating the service-linked roles required in the member accounts of the AWS organization.
Contents
code
The reason code for the current status of the analyzer.
Type: String
Valid Values: AWS_SERVICE_ACCESS_DISABLED |
DELEGATED_ADMINISTRATOR_DEREGISTERED | ORGANIZATION_DELETED | SERVICE_LINKED_ROLE_CREATION_FAILED
Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
Substring
Substring
A reference to a substring of a literal string in a JSON document.
Contents
length
The length of the substring.
Type: Integer Required: Yes start
The start index of the substring, starting from 0.
Type: Integer Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
Trail
Trail
Contains details about the CloudTrail trail being analyzed to generate a policy.
Contents
allRegions
Possible values are true or false. If set to true, IAM Access Analyzer retrieves CloudTrail data from all regions to analyze and generate a policy.
Type: Boolean Required: No cloudTrailArn
Specifies the ARN of the trail. The format of a trail ARN is arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
Type: String
Pattern: arn:[^:]*:cloudtrail:[^:]*:[^:]*:trail/.{1,576}
Required: Yes regions
A list of regions to get CloudTrail data from and analyze to generate a policy.
Type: Array of strings Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
TrailProperties
TrailProperties
Contains details about the CloudTrail trail being analyzed to generate a policy.
Contents
allRegions
Possible values are true or false. If set to true, IAM Access Analyzer retrieves CloudTrail data from all regions to analyze and generate a policy.
Type: Boolean Required: No cloudTrailArn
Specifies the ARN of the trail. The format of a trail ARN is arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
Type: String
Pattern: arn:[^:]*:cloudtrail:[^:]*:[^:]*:trail/.{1,576}
Required: Yes regions
A list of regions to get CloudTrail data from and analyze to generate a policy.
Type: Array of strings Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ValidatePolicyFinding
ValidatePolicyFinding
A finding in a policy. Each finding is an actionable recommendation that can be used to improve the policy.
Contents
findingDetails
A localized message that explains the finding and provides guidance on how to address it.
Type: String Required: Yes findingType
The impact of the finding.
Security warnings report when the policy allows access that we consider overly permissive.
Errors report when a part of the policy is not functional.
Warnings report non-security issues when a policy does not conform to policy writing best practices.
Suggestions recommend stylistic improvements in the policy that do not impact access.
Type: String
Valid Values: ERROR | SECURITY_WARNING | SUGGESTION | WARNING Required: Yes
issueCode
The issue code provides an identifier of the issue associated with this finding.
Type: String Required: Yes learnMoreLink
A link to additional documentation about the type of finding.
Type: String Required: Yes locations
The list of locations in the policy document that are related to the finding. The issue code provides a summary of an issue identified by the finding.
Type: Array of Location (p. 121) objects Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
See Also
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ValidationExceptionField
ValidationExceptionField
Contains information about a validation exception.
Contents
message
A message about the validation exception.
Type: String Required: Yes name
The name of the validation exception.
Type: String Required: Yes
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3