Module: Aws::AccessAnalyzer::Types

Defined in:

gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb

Defined Under Namespace

Classes: Access, AccessDeniedException, AccessPreview, AccessPreviewFinding, AccessPreviewStatusReason, AccessPreviewSummary, AclGrantee, AnalysisRule, AnalysisRuleCriteria, AnalyzedResource, AnalyzedResourceSummary, AnalyzerConfiguration, AnalyzerSummary, ApplyArchiveRuleRequest, ArchiveRuleSummary, CancelPolicyGenerationRequest, CancelPolicyGenerationResponse, CheckAccessNotGrantedRequest, CheckAccessNotGrantedResponse, CheckNoNewAccessRequest, CheckNoNewAccessResponse, CheckNoPublicAccessRequest, CheckNoPublicAccessResponse, CloudTrailDetails, CloudTrailProperties, Configuration, ConflictException, CreateAccessPreviewRequest, CreateAccessPreviewResponse, CreateAnalyzerRequest, CreateAnalyzerResponse, CreateArchiveRuleRequest, Criterion, DeleteAnalyzerRequest, DeleteArchiveRuleRequest, DynamodbStreamConfiguration, DynamodbTableConfiguration, EbsSnapshotConfiguration, EcrRepositoryConfiguration, EfsFileSystemConfiguration, ExternalAccessDetails, Finding, FindingDetails, FindingSource, FindingSourceDetail, FindingSummary, FindingSummaryV2, GenerateFindingRecommendationRequest, GeneratedPolicy, GeneratedPolicyProperties, GeneratedPolicyResult, GetAccessPreviewRequest, GetAccessPreviewResponse, GetAnalyzedResourceRequest, GetAnalyzedResourceResponse, GetAnalyzerRequest, GetAnalyzerResponse, GetArchiveRuleRequest, GetArchiveRuleResponse, GetFindingRecommendationRequest, GetFindingRecommendationResponse, GetFindingRequest, GetFindingResponse, GetFindingV2Request, GetFindingV2Response, GetGeneratedPolicyRequest, GetGeneratedPolicyResponse, IamRoleConfiguration, InlineArchiveRule, InternalServerException, InvalidParameterException, JobDetails, JobError, KmsGrantConfiguration, KmsGrantConstraints, KmsKeyConfiguration, ListAccessPreviewFindingsRequest, ListAccessPreviewFindingsResponse, ListAccessPreviewsRequest, ListAccessPreviewsResponse, ListAnalyzedResourcesRequest, ListAnalyzedResourcesResponse, ListAnalyzersRequest, ListAnalyzersResponse, ListArchiveRulesRequest, ListArchiveRulesResponse, ListFindingsRequest, ListFindingsResponse, ListFindingsV2Request, ListFindingsV2Response, ListPolicyGenerationsRequest, ListPolicyGenerationsResponse, ListTagsForResourceRequest, ListTagsForResourceResponse, Location, NetworkOriginConfiguration, PathElement, PolicyGeneration, PolicyGenerationDetails, Position, RdsDbClusterSnapshotAttributeValue, RdsDbClusterSnapshotConfiguration, RdsDbSnapshotAttributeValue, RdsDbSnapshotConfiguration, ReasonSummary, RecommendationError, RecommendedStep, ResourceNotFoundException, S3AccessPointConfiguration, S3BucketAclGrantConfiguration, S3BucketConfiguration, S3ExpressDirectoryBucketConfiguration, S3PublicAccessBlockConfiguration, SecretsManagerSecretConfiguration, ServiceQuotaExceededException, SnsTopicConfiguration, SortCriteria, Span, SqsQueueConfiguration, StartPolicyGenerationRequest, StartPolicyGenerationResponse, StartResourceScanRequest, StatusReason, Substring, TagResourceRequest, TagResourceResponse, ThrottlingException, Trail, TrailProperties, UnprocessableEntityException, UntagResourceRequest, UntagResourceResponse, UnusedAccessConfiguration, UnusedAction, UnusedIamRoleDetails, UnusedIamUserAccessKeyDetails, UnusedIamUserPasswordDetails, UnusedPermissionDetails, UnusedPermissionsRecommendedStep, UpdateAnalyzerRequest, UpdateAnalyzerResponse, UpdateArchiveRuleRequest, UpdateFindingsRequest, ValidatePolicyFinding, ValidatePolicyRequest, ValidatePolicyResponse, ValidationException, ValidationExceptionField, VpcConfiguration

Instance Attribute Summary

• #account_ids ⇒ Array<String>

  The Amazon Web Services account IDs that have access to the manual Amazon RDS DB snapshot.

• #dynamodb_stream ⇒ Types::DynamodbStreamConfiguration

  The access control configuration is for a DynamoDB stream.

• #dynamodb_table ⇒ Types::DynamodbTableConfiguration

  The access control configuration is for a DynamoDB table or index.

• #ebs_snapshot ⇒ Types::EbsSnapshotConfiguration

  The access control configuration is for an Amazon EBS volume snapshot.

• #ecr_repository ⇒ Types::EcrRepositoryConfiguration

  The access control configuration is for an Amazon ECR repository.

• #efs_file_system ⇒ Types::EfsFileSystemConfiguration

  The access control configuration is for an Amazon EFS file system.

• #external_access_details ⇒ Types::ExternalAccessDetails

  The details for an external access analyzer finding.

• #iam_role ⇒ Types::IamRoleConfiguration

  The access control configuration is for an IAM role.

• #id ⇒ String

  The value specified is the canonical user ID of an Amazon Web Services account.

• #index ⇒ Integer

  Refers to an index in a JSON array.

• #internet_configuration ⇒ Types::InternetConfiguration

  The configuration for the Amazon S3 access point or multi-region access point with an Internet origin.

• #key ⇒ String

  Refers to a key in a JSON object.

• #kms_key ⇒ Types::KmsKeyConfiguration

  The access control configuration is for a KMS key.

• #rds_db_cluster_snapshot ⇒ Types::RdsDbClusterSnapshotConfiguration

  The access control configuration is for an Amazon RDS DB cluster snapshot.

• #rds_db_snapshot ⇒ Types::RdsDbSnapshotConfiguration

  The access control configuration is for an Amazon RDS DB snapshot.

• #s3_bucket ⇒ Types::S3BucketConfiguration

  The access control configuration is for an Amazon S3 bucket.

• #s3_express_directory_bucket ⇒ Types::S3ExpressDirectoryBucketConfiguration

  The access control configuration is for an Amazon S3 directory bucket.

• #secrets_manager_secret ⇒ Types::SecretsManagerSecretConfiguration

  The access control configuration is for a Secrets Manager secret.

• #sns_topic ⇒ Types::SnsTopicConfiguration

  The access control configuration is for an Amazon SNS topic.

• #sqs_queue ⇒ Types::SqsQueueConfiguration

  The access control configuration is for an Amazon SQS queue.

• #substring ⇒ Types::Substring

  Refers to a substring of a literal string in a JSON object.

• #unused_access ⇒ Types::UnusedAccessConfiguration

  Specifies the configuration of an unused access analyzer for an Amazon Web Services organization or account.

• #unused_iam_role_details ⇒ Types::UnusedIamRoleDetails

  The details for an unused access analyzer finding with an unused IAM role finding type.

• #unused_iam_user_access_key_details ⇒ Types::UnusedIamUserAccessKeyDetails

  The details for an unused access analyzer finding with an unused IAM user access key finding type.

• #unused_iam_user_password_details ⇒ Types::UnusedIamUserPasswordDetails

  The details for an unused access analyzer finding with an unused IAM user password finding type.

• #unused_permission_details ⇒ Types::UnusedPermissionDetails

  The details for an unused access analyzer finding with an unused permission finding type.

• #unused_permissions_recommended_step ⇒ Types::UnusedPermissionsRecommendedStep

  A recommended step for an unused permissions finding.

• #uri ⇒ String

  Used for granting permissions to a predefined group.

• #value ⇒ String

  Refers to the value associated with a given key in a JSON object.

• #vpc_configuration ⇒ Types::VpcConfiguration

  The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point.

Instance Attribute Details

#account_ids ⇒ Array<String>

The Amazon Web Services account IDs that have access to the manual Amazon RDS DB snapshot. If the value all is specified, then the Amazon RDS DB snapshot is public and can be copied or restored by all Amazon Web Services accounts.

• If the configuration is for an existing Amazon RDS DB snapshot and you do not specify the accountIds in RdsDbSnapshotAttributeValue, then the access preview uses the existing shared accountIds for the snapshot.

• If the access preview is for a new resource and you do not specify the specify the accountIds in RdsDbSnapshotAttributeValue, then the access preview considers the snapshot without any attributes.

• To propose deletion of an existing shared accountIds, you can specify an empty list for accountIds in the RdsDbSnapshotAttributeValue.

Returns:

• (Array<String>)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3259

class RdsDbClusterSnapshotAttributeValue < Struct.new(
  :account_ids,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class AccountIds < RdsDbClusterSnapshotAttributeValue; end
  class Unknown < RdsDbClusterSnapshotAttributeValue; end
end

#dynamodb_stream ⇒ Types::DynamodbStreamConfiguration

The access control configuration is for a DynamoDB stream.

Returns:

• (Types::DynamodbStreamConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#dynamodb_table ⇒ Types::DynamodbTableConfiguration

The access control configuration is for a DynamoDB table or index.

Returns:

• (Types::DynamodbTableConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#ebs_snapshot ⇒ Types::EbsSnapshotConfiguration

The access control configuration is for an Amazon EBS volume snapshot.

Returns:

• (Types::EbsSnapshotConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#ecr_repository ⇒ Types::EcrRepositoryConfiguration

The access control configuration is for an Amazon ECR repository.

Returns:

• (Types::EcrRepositoryConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#efs_file_system ⇒ Types::EfsFileSystemConfiguration

The access control configuration is for an Amazon EFS file system.

Returns:

• (Types::EfsFileSystemConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#external_access_details ⇒ Types::ExternalAccessDetails

The details for an external access analyzer finding.

Returns:

• (Types::ExternalAccessDetails)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1619

class FindingDetails < Struct.new(
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#iam_role ⇒ Types::IamRoleConfiguration

The access control configuration is for an IAM role.

Returns:

• (Types::IamRoleConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#id ⇒ String

The value specified is the canonical user ID of an Amazon Web Services account.

Returns:

• (String)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 308

class AclGrantee < Struct.new(
  :id,
  :uri,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Id < AclGrantee; end
  class Uri < AclGrantee; end
  class Unknown < AclGrantee; end
end

#index ⇒ Integer

Refers to an index in a JSON array.

Returns:

• (Integer)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3134

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#internet_configuration ⇒ Types::InternetConfiguration

The configuration for the Amazon S3 access point or multi-region access point with an Internet origin.

Returns:

• (Types::InternetConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3098

class NetworkOriginConfiguration < Struct.new(
  :vpc_configuration,
  :internet_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class VpcConfiguration < NetworkOriginConfiguration; end
  class InternetConfiguration < NetworkOriginConfiguration; end
  class Unknown < NetworkOriginConfiguration; end
end

#key ⇒ String

Refers to a key in a JSON object.

Returns:

• (String)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3134

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#kms_key ⇒ Types::KmsKeyConfiguration

The access control configuration is for a KMS key.

Returns:

• (Types::KmsKeyConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#rds_db_cluster_snapshot ⇒ Types::RdsDbClusterSnapshotConfiguration

The access control configuration is for an Amazon RDS DB cluster snapshot.

Returns:

• (Types::RdsDbClusterSnapshotConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#rds_db_snapshot ⇒ Types::RdsDbSnapshotConfiguration

The access control configuration is for an Amazon RDS DB snapshot.

Returns:

• (Types::RdsDbSnapshotConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#s3_bucket ⇒ Types::S3BucketConfiguration

The access control configuration is for an Amazon S3 bucket.

Returns:

• (Types::S3BucketConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#s3_express_directory_bucket ⇒ Types::S3ExpressDirectoryBucketConfiguration

The access control configuration is for an Amazon S3 directory bucket.

Returns:

• (Types::S3ExpressDirectoryBucketConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#secrets_manager_secret ⇒ Types::SecretsManagerSecretConfiguration

The access control configuration is for a Secrets Manager secret.

Returns:

• (Types::SecretsManagerSecretConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#sns_topic ⇒ Types::SnsTopicConfiguration

The access control configuration is for an Amazon SNS topic

Returns:

• (Types::SnsTopicConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#sqs_queue ⇒ Types::SqsQueueConfiguration

The access control configuration is for an Amazon SQS queue.

Returns:

• (Types::SqsQueueConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 939

class Configuration < Struct.new(
  :ebs_snapshot,
  :ecr_repository,
  :iam_role,
  :efs_file_system,
  :kms_key,
  :rds_db_cluster_snapshot,
  :rds_db_snapshot,
  :secrets_manager_secret,
  :s3_bucket,
  :sns_topic,
  :sqs_queue,
  :s3_express_directory_bucket,
  :dynamodb_stream,
  :dynamodb_table,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class EbsSnapshot < Configuration; end
  class EcrRepository < Configuration; end
  class IamRole < Configuration; end
  class EfsFileSystem < Configuration; end
  class KmsKey < Configuration; end
  class RdsDbClusterSnapshot < Configuration; end
  class RdsDbSnapshot < Configuration; end
  class SecretsManagerSecret < Configuration; end
  class S3Bucket < Configuration; end
  class SnsTopic < Configuration; end
  class SqsQueue < Configuration; end
  class S3ExpressDirectoryBucket < Configuration; end
  class DynamodbStream < Configuration; end
  class DynamodbTable < Configuration; end
  class Unknown < Configuration; end
end

#substring ⇒ Types::Substring

Refers to a substring of a literal string in a JSON object.

Returns:

• (Types::Substring)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3134

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#unused_access ⇒ Types::UnusedAccessConfiguration

Specifies the configuration of an unused access analyzer for an Amazon Web Services organization or account.

Returns:

• (Types::UnusedAccessConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 478

class AnalyzerConfiguration < Struct.new(
  :unused_access,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class UnusedAccess < AnalyzerConfiguration; end
  class Unknown < AnalyzerConfiguration; end
end

#unused_iam_role_details ⇒ Types::UnusedIamRoleDetails

The details for an unused access analyzer finding with an unused IAM role finding type.

Returns:

• (Types::UnusedIamRoleDetails)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1619

class FindingDetails < Struct.new(
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_iam_user_access_key_details ⇒ Types::UnusedIamUserAccessKeyDetails

The details for an unused access analyzer finding with an unused IAM user access key finding type.

Returns:

• (Types::UnusedIamUserAccessKeyDetails)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1619

class FindingDetails < Struct.new(
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_iam_user_password_details ⇒ Types::UnusedIamUserPasswordDetails

The details for an unused access analyzer finding with an unused IAM user password finding type.

Returns:

• (Types::UnusedIamUserPasswordDetails)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1619

class FindingDetails < Struct.new(
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_permission_details ⇒ Types::UnusedPermissionDetails

The details for an unused access analyzer finding with an unused permission finding type.

Returns:

• (Types::UnusedPermissionDetails)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 1619

class FindingDetails < Struct.new(
  :external_access_details,
  :unused_permission_details,
  :unused_iam_user_access_key_details,
  :unused_iam_role_details,
  :unused_iam_user_password_details,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class ExternalAccessDetails < FindingDetails; end
  class UnusedPermissionDetails < FindingDetails; end
  class UnusedIamUserAccessKeyDetails < FindingDetails; end
  class UnusedIamRoleDetails < FindingDetails; end
  class UnusedIamUserPasswordDetails < FindingDetails; end
  class Unknown < FindingDetails; end
end

#unused_permissions_recommended_step ⇒ Types::UnusedPermissionsRecommendedStep

A recommended step for an unused permissions finding.

Returns:

• (Types::UnusedPermissionsRecommendedStep)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3454

class RecommendedStep < Struct.new(
  :unused_permissions_recommended_step,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class UnusedPermissionsRecommendedStep < RecommendedStep; end
  class Unknown < RecommendedStep; end
end

#uri ⇒ String

Used for granting permissions to a predefined group.

Returns:

• (String)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 308

class AclGrantee < Struct.new(
  :id,
  :uri,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Id < AclGrantee; end
  class Uri < AclGrantee; end
  class Unknown < AclGrantee; end
end

#value ⇒ String

Refers to the value associated with a given key in a JSON object.

Returns:

• (String)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3134

class PathElement < Struct.new(
  :index,
  :key,
  :substring,
  :value,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class Index < PathElement; end
  class Key < PathElement; end
  class Substring < PathElement; end
  class Value < PathElement; end
  class Unknown < PathElement; end
end

#vpc_configuration ⇒ Types::VpcConfiguration

The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point. VPC configuration does not apply to multi-region access points. For more information, see VpcConfiguration.

Returns:

• (Types::VpcConfiguration)

# File 'gems/aws-sdk-accessanalyzer/lib/aws-sdk-accessanalyzer/types.rb', line 3098

class NetworkOriginConfiguration < Struct.new(
  :vpc_configuration,
  :internet_configuration,
  :unknown)
  SENSITIVE = []
  include Aws::Structure
  include Aws::Structure::Union

  class VpcConfiguration < NetworkOriginConfiguration; end
  class InternetConfiguration < NetworkOriginConfiguration; end
  class Unknown < NetworkOriginConfiguration; end
end