AwsIamAccessKeyDetails
IAM access key details related to a finding.
Contents
- AccessKeyId
-
The identifier of the access key.
Type: String
Pattern:
.*\S.*
Required: No
- AccountId
-
The AWS account ID of the account for the key.
Type: String
Pattern:
.*\S.*
Required: No
- CreatedAt
-
Indicates when the IAM access key was created.
This field accepts only the specified formats. Timestamps can end with
Z
or("+" / "-") time-hour [":" time-minute]
. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats that you can send to Security Hub:-
YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
) -
YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
) -
YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round
2024-10-31T23:00:00.123456789Z
to2024-10-31T23:00:00.123Z
.Type: String
Pattern:
.*\S.*
Required: No
-
- PrincipalId
-
The ID of the principal associated with an access key.
Type: String
Pattern:
.*\S.*
Required: No
- PrincipalName
-
The name of the principal.
Type: String
Pattern:
.*\S.*
Required: No
- PrincipalType
-
The type of principal associated with an access key.
Type: String
Pattern:
.*\S.*
Required: No
- SessionContext
-
Information about the session that the key was used for.
Type: AwsIamAccessKeySessionContext object
Required: No
- Status
-
The status of the IAM access key related to a finding.
Type: String
Valid Values:
Active | Inactive
Required: No
- UserName
-
This member has been deprecated.
The user associated with the IAM access key related to a finding.
The
UserName
parameter has been replaced with thePrincipalName
parameter because access keys can also be assigned to principals that are not IAM users.Type: String
Pattern:
.*\S.*
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: