File: //opt/go/pkg/mod/github.com/aws/
[email protected]/service/accessanalyzer/api.go
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
package accessanalyzer
import (
"fmt"
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awsutil"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/private/protocol"
"github.com/aws/aws-sdk-go/private/protocol/restjson"
)
const opApplyArchiveRule = "ApplyArchiveRule"
// ApplyArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the ApplyArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ApplyArchiveRule for more information on using the ApplyArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ApplyArchiveRuleRequest method.
// req, resp := client.ApplyArchiveRuleRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ApplyArchiveRule
func (c *AccessAnalyzer) ApplyArchiveRuleRequest(input *ApplyArchiveRuleInput) (req *request.Request, output *ApplyArchiveRuleOutput) {
op := &request.Operation{
Name: opApplyArchiveRule,
HTTPMethod: "PUT",
HTTPPath: "/archive-rule",
}
if input == nil {
input = &ApplyArchiveRuleInput{}
}
output = &ApplyArchiveRuleOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// ApplyArchiveRule API operation for Access Analyzer.
//
// Retroactively applies the archive rule to existing findings that meet the
// archive rule criteria.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ApplyArchiveRule for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ApplyArchiveRule
func (c *AccessAnalyzer) ApplyArchiveRule(input *ApplyArchiveRuleInput) (*ApplyArchiveRuleOutput, error) {
req, out := c.ApplyArchiveRuleRequest(input)
return out, req.Send()
}
// ApplyArchiveRuleWithContext is the same as ApplyArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See ApplyArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ApplyArchiveRuleWithContext(ctx aws.Context, input *ApplyArchiveRuleInput, opts ...request.Option) (*ApplyArchiveRuleOutput, error) {
req, out := c.ApplyArchiveRuleRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCancelPolicyGeneration = "CancelPolicyGeneration"
// CancelPolicyGenerationRequest generates a "aws/request.Request" representing the
// client's request for the CancelPolicyGeneration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CancelPolicyGeneration for more information on using the CancelPolicyGeneration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the CancelPolicyGenerationRequest method.
// req, resp := client.CancelPolicyGenerationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CancelPolicyGeneration
func (c *AccessAnalyzer) CancelPolicyGenerationRequest(input *CancelPolicyGenerationInput) (req *request.Request, output *CancelPolicyGenerationOutput) {
op := &request.Operation{
Name: opCancelPolicyGeneration,
HTTPMethod: "PUT",
HTTPPath: "/policy/generation/{jobId}",
}
if input == nil {
input = &CancelPolicyGenerationInput{}
}
output = &CancelPolicyGenerationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// CancelPolicyGeneration API operation for Access Analyzer.
//
// Cancels the requested policy generation.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CancelPolicyGeneration for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CancelPolicyGeneration
func (c *AccessAnalyzer) CancelPolicyGeneration(input *CancelPolicyGenerationInput) (*CancelPolicyGenerationOutput, error) {
req, out := c.CancelPolicyGenerationRequest(input)
return out, req.Send()
}
// CancelPolicyGenerationWithContext is the same as CancelPolicyGeneration with the addition of
// the ability to pass a context and additional request options.
//
// See CancelPolicyGeneration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CancelPolicyGenerationWithContext(ctx aws.Context, input *CancelPolicyGenerationInput, opts ...request.Option) (*CancelPolicyGenerationOutput, error) {
req, out := c.CancelPolicyGenerationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCheckAccessNotGranted = "CheckAccessNotGranted"
// CheckAccessNotGrantedRequest generates a "aws/request.Request" representing the
// client's request for the CheckAccessNotGranted operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CheckAccessNotGranted for more information on using the CheckAccessNotGranted
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the CheckAccessNotGrantedRequest method.
// req, resp := client.CheckAccessNotGrantedRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckAccessNotGranted
func (c *AccessAnalyzer) CheckAccessNotGrantedRequest(input *CheckAccessNotGrantedInput) (req *request.Request, output *CheckAccessNotGrantedOutput) {
op := &request.Operation{
Name: opCheckAccessNotGranted,
HTTPMethod: "POST",
HTTPPath: "/policy/check-access-not-granted",
}
if input == nil {
input = &CheckAccessNotGrantedInput{}
}
output = &CheckAccessNotGrantedOutput{}
req = c.newRequest(op, input, output)
return
}
// CheckAccessNotGranted API operation for Access Analyzer.
//
// Checks whether the specified access isn't allowed by a policy.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CheckAccessNotGranted for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - InvalidParameterException
// The specified parameter is invalid.
//
// - UnprocessableEntityException
// The specified entity could not be processed.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckAccessNotGranted
func (c *AccessAnalyzer) CheckAccessNotGranted(input *CheckAccessNotGrantedInput) (*CheckAccessNotGrantedOutput, error) {
req, out := c.CheckAccessNotGrantedRequest(input)
return out, req.Send()
}
// CheckAccessNotGrantedWithContext is the same as CheckAccessNotGranted with the addition of
// the ability to pass a context and additional request options.
//
// See CheckAccessNotGranted for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CheckAccessNotGrantedWithContext(ctx aws.Context, input *CheckAccessNotGrantedInput, opts ...request.Option) (*CheckAccessNotGrantedOutput, error) {
req, out := c.CheckAccessNotGrantedRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCheckNoNewAccess = "CheckNoNewAccess"
// CheckNoNewAccessRequest generates a "aws/request.Request" representing the
// client's request for the CheckNoNewAccess operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CheckNoNewAccess for more information on using the CheckNoNewAccess
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the CheckNoNewAccessRequest method.
// req, resp := client.CheckNoNewAccessRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoNewAccess
func (c *AccessAnalyzer) CheckNoNewAccessRequest(input *CheckNoNewAccessInput) (req *request.Request, output *CheckNoNewAccessOutput) {
op := &request.Operation{
Name: opCheckNoNewAccess,
HTTPMethod: "POST",
HTTPPath: "/policy/check-no-new-access",
}
if input == nil {
input = &CheckNoNewAccessInput{}
}
output = &CheckNoNewAccessOutput{}
req = c.newRequest(op, input, output)
return
}
// CheckNoNewAccess API operation for Access Analyzer.
//
// Checks whether new access is allowed for an updated policy when compared
// to the existing policy.
//
// You can find examples for reference policies and learn how to set up and
// run a custom policy check for new access in the IAM Access Analyzer custom
// policy checks samples (https://github.com/aws-samples/iam-access-analyzer-custom-policy-check-samples)
// repository on GitHub. The reference policies in this repository are meant
// to be passed to the existingPolicyDocument request parameter.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CheckNoNewAccess for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - InvalidParameterException
// The specified parameter is invalid.
//
// - UnprocessableEntityException
// The specified entity could not be processed.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoNewAccess
func (c *AccessAnalyzer) CheckNoNewAccess(input *CheckNoNewAccessInput) (*CheckNoNewAccessOutput, error) {
req, out := c.CheckNoNewAccessRequest(input)
return out, req.Send()
}
// CheckNoNewAccessWithContext is the same as CheckNoNewAccess with the addition of
// the ability to pass a context and additional request options.
//
// See CheckNoNewAccess for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CheckNoNewAccessWithContext(ctx aws.Context, input *CheckNoNewAccessInput, opts ...request.Option) (*CheckNoNewAccessOutput, error) {
req, out := c.CheckNoNewAccessRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCheckNoPublicAccess = "CheckNoPublicAccess"
// CheckNoPublicAccessRequest generates a "aws/request.Request" representing the
// client's request for the CheckNoPublicAccess operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CheckNoPublicAccess for more information on using the CheckNoPublicAccess
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the CheckNoPublicAccessRequest method.
// req, resp := client.CheckNoPublicAccessRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoPublicAccess
func (c *AccessAnalyzer) CheckNoPublicAccessRequest(input *CheckNoPublicAccessInput) (req *request.Request, output *CheckNoPublicAccessOutput) {
op := &request.Operation{
Name: opCheckNoPublicAccess,
HTTPMethod: "POST",
HTTPPath: "/policy/check-no-public-access",
}
if input == nil {
input = &CheckNoPublicAccessInput{}
}
output = &CheckNoPublicAccessOutput{}
req = c.newRequest(op, input, output)
return
}
// CheckNoPublicAccess API operation for Access Analyzer.
//
// Checks whether a resource policy can grant public access to the specified
// resource type.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CheckNoPublicAccess for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - InvalidParameterException
// The specified parameter is invalid.
//
// - UnprocessableEntityException
// The specified entity could not be processed.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoPublicAccess
func (c *AccessAnalyzer) CheckNoPublicAccess(input *CheckNoPublicAccessInput) (*CheckNoPublicAccessOutput, error) {
req, out := c.CheckNoPublicAccessRequest(input)
return out, req.Send()
}
// CheckNoPublicAccessWithContext is the same as CheckNoPublicAccess with the addition of
// the ability to pass a context and additional request options.
//
// See CheckNoPublicAccess for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CheckNoPublicAccessWithContext(ctx aws.Context, input *CheckNoPublicAccessInput, opts ...request.Option) (*CheckNoPublicAccessOutput, error) {
req, out := c.CheckNoPublicAccessRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCreateAccessPreview = "CreateAccessPreview"
// CreateAccessPreviewRequest generates a "aws/request.Request" representing the
// client's request for the CreateAccessPreview operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateAccessPreview for more information on using the CreateAccessPreview
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the CreateAccessPreviewRequest method.
// req, resp := client.CreateAccessPreviewRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAccessPreview
func (c *AccessAnalyzer) CreateAccessPreviewRequest(input *CreateAccessPreviewInput) (req *request.Request, output *CreateAccessPreviewOutput) {
op := &request.Operation{
Name: opCreateAccessPreview,
HTTPMethod: "PUT",
HTTPPath: "/access-preview",
}
if input == nil {
input = &CreateAccessPreviewInput{}
}
output = &CreateAccessPreviewOutput{}
req = c.newRequest(op, input, output)
return
}
// CreateAccessPreview API operation for Access Analyzer.
//
// Creates an access preview that allows you to preview IAM Access Analyzer
// findings for your resource before deploying resource permissions.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CreateAccessPreview for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ConflictException
// A conflict exception error.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ServiceQuotaExceededException
// Service quote met error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAccessPreview
func (c *AccessAnalyzer) CreateAccessPreview(input *CreateAccessPreviewInput) (*CreateAccessPreviewOutput, error) {
req, out := c.CreateAccessPreviewRequest(input)
return out, req.Send()
}
// CreateAccessPreviewWithContext is the same as CreateAccessPreview with the addition of
// the ability to pass a context and additional request options.
//
// See CreateAccessPreview for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CreateAccessPreviewWithContext(ctx aws.Context, input *CreateAccessPreviewInput, opts ...request.Option) (*CreateAccessPreviewOutput, error) {
req, out := c.CreateAccessPreviewRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCreateAnalyzer = "CreateAnalyzer"
// CreateAnalyzerRequest generates a "aws/request.Request" representing the
// client's request for the CreateAnalyzer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateAnalyzer for more information on using the CreateAnalyzer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the CreateAnalyzerRequest method.
// req, resp := client.CreateAnalyzerRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAnalyzer
func (c *AccessAnalyzer) CreateAnalyzerRequest(input *CreateAnalyzerInput) (req *request.Request, output *CreateAnalyzerOutput) {
op := &request.Operation{
Name: opCreateAnalyzer,
HTTPMethod: "PUT",
HTTPPath: "/analyzer",
}
if input == nil {
input = &CreateAnalyzerInput{}
}
output = &CreateAnalyzerOutput{}
req = c.newRequest(op, input, output)
return
}
// CreateAnalyzer API operation for Access Analyzer.
//
// Creates an analyzer for your account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CreateAnalyzer for usage and error information.
//
// Returned Error Types:
//
// - ConflictException
// A conflict exception error.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ServiceQuotaExceededException
// Service quote met error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateAnalyzer
func (c *AccessAnalyzer) CreateAnalyzer(input *CreateAnalyzerInput) (*CreateAnalyzerOutput, error) {
req, out := c.CreateAnalyzerRequest(input)
return out, req.Send()
}
// CreateAnalyzerWithContext is the same as CreateAnalyzer with the addition of
// the ability to pass a context and additional request options.
//
// See CreateAnalyzer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CreateAnalyzerWithContext(ctx aws.Context, input *CreateAnalyzerInput, opts ...request.Option) (*CreateAnalyzerOutput, error) {
req, out := c.CreateAnalyzerRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCreateArchiveRule = "CreateArchiveRule"
// CreateArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the CreateArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateArchiveRule for more information on using the CreateArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the CreateArchiveRuleRequest method.
// req, resp := client.CreateArchiveRuleRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateArchiveRule
func (c *AccessAnalyzer) CreateArchiveRuleRequest(input *CreateArchiveRuleInput) (req *request.Request, output *CreateArchiveRuleOutput) {
op := &request.Operation{
Name: opCreateArchiveRule,
HTTPMethod: "PUT",
HTTPPath: "/analyzer/{analyzerName}/archive-rule",
}
if input == nil {
input = &CreateArchiveRuleInput{}
}
output = &CreateArchiveRuleOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// CreateArchiveRule API operation for Access Analyzer.
//
// Creates an archive rule for the specified analyzer. Archive rules automatically
// archive new findings that meet the criteria you define when you create the
// rule.
//
// To learn about filter keys that you can use to create an archive rule, see
// IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation CreateArchiveRule for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ConflictException
// A conflict exception error.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ServiceQuotaExceededException
// Service quote met error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CreateArchiveRule
func (c *AccessAnalyzer) CreateArchiveRule(input *CreateArchiveRuleInput) (*CreateArchiveRuleOutput, error) {
req, out := c.CreateArchiveRuleRequest(input)
return out, req.Send()
}
// CreateArchiveRuleWithContext is the same as CreateArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See CreateArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) CreateArchiveRuleWithContext(ctx aws.Context, input *CreateArchiveRuleInput, opts ...request.Option) (*CreateArchiveRuleOutput, error) {
req, out := c.CreateArchiveRuleRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDeleteAnalyzer = "DeleteAnalyzer"
// DeleteAnalyzerRequest generates a "aws/request.Request" representing the
// client's request for the DeleteAnalyzer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteAnalyzer for more information on using the DeleteAnalyzer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the DeleteAnalyzerRequest method.
// req, resp := client.DeleteAnalyzerRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteAnalyzer
func (c *AccessAnalyzer) DeleteAnalyzerRequest(input *DeleteAnalyzerInput) (req *request.Request, output *DeleteAnalyzerOutput) {
op := &request.Operation{
Name: opDeleteAnalyzer,
HTTPMethod: "DELETE",
HTTPPath: "/analyzer/{analyzerName}",
}
if input == nil {
input = &DeleteAnalyzerInput{}
}
output = &DeleteAnalyzerOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// DeleteAnalyzer API operation for Access Analyzer.
//
// Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer
// is disabled for the account or organization in the current or specific Region.
// All findings that were generated by the analyzer are deleted. You cannot
// undo this action.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation DeleteAnalyzer for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteAnalyzer
func (c *AccessAnalyzer) DeleteAnalyzer(input *DeleteAnalyzerInput) (*DeleteAnalyzerOutput, error) {
req, out := c.DeleteAnalyzerRequest(input)
return out, req.Send()
}
// DeleteAnalyzerWithContext is the same as DeleteAnalyzer with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteAnalyzer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) DeleteAnalyzerWithContext(ctx aws.Context, input *DeleteAnalyzerInput, opts ...request.Option) (*DeleteAnalyzerOutput, error) {
req, out := c.DeleteAnalyzerRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDeleteArchiveRule = "DeleteArchiveRule"
// DeleteArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the DeleteArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteArchiveRule for more information on using the DeleteArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the DeleteArchiveRuleRequest method.
// req, resp := client.DeleteArchiveRuleRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteArchiveRule
func (c *AccessAnalyzer) DeleteArchiveRuleRequest(input *DeleteArchiveRuleInput) (req *request.Request, output *DeleteArchiveRuleOutput) {
op := &request.Operation{
Name: opDeleteArchiveRule,
HTTPMethod: "DELETE",
HTTPPath: "/analyzer/{analyzerName}/archive-rule/{ruleName}",
}
if input == nil {
input = &DeleteArchiveRuleInput{}
}
output = &DeleteArchiveRuleOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// DeleteArchiveRule API operation for Access Analyzer.
//
// Deletes the specified archive rule.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation DeleteArchiveRule for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/DeleteArchiveRule
func (c *AccessAnalyzer) DeleteArchiveRule(input *DeleteArchiveRuleInput) (*DeleteArchiveRuleOutput, error) {
req, out := c.DeleteArchiveRuleRequest(input)
return out, req.Send()
}
// DeleteArchiveRuleWithContext is the same as DeleteArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) DeleteArchiveRuleWithContext(ctx aws.Context, input *DeleteArchiveRuleInput, opts ...request.Option) (*DeleteArchiveRuleOutput, error) {
req, out := c.DeleteArchiveRuleRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opGenerateFindingRecommendation = "GenerateFindingRecommendation"
// GenerateFindingRecommendationRequest generates a "aws/request.Request" representing the
// client's request for the GenerateFindingRecommendation operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GenerateFindingRecommendation for more information on using the GenerateFindingRecommendation
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GenerateFindingRecommendationRequest method.
// req, resp := client.GenerateFindingRecommendationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GenerateFindingRecommendation
func (c *AccessAnalyzer) GenerateFindingRecommendationRequest(input *GenerateFindingRecommendationInput) (req *request.Request, output *GenerateFindingRecommendationOutput) {
op := &request.Operation{
Name: opGenerateFindingRecommendation,
HTTPMethod: "POST",
HTTPPath: "/recommendation/{id}",
}
if input == nil {
input = &GenerateFindingRecommendationInput{}
}
output = &GenerateFindingRecommendationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// GenerateFindingRecommendation API operation for Access Analyzer.
//
// Creates a recommendation for an unused permissions finding.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GenerateFindingRecommendation for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GenerateFindingRecommendation
func (c *AccessAnalyzer) GenerateFindingRecommendation(input *GenerateFindingRecommendationInput) (*GenerateFindingRecommendationOutput, error) {
req, out := c.GenerateFindingRecommendationRequest(input)
return out, req.Send()
}
// GenerateFindingRecommendationWithContext is the same as GenerateFindingRecommendation with the addition of
// the ability to pass a context and additional request options.
//
// See GenerateFindingRecommendation for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GenerateFindingRecommendationWithContext(ctx aws.Context, input *GenerateFindingRecommendationInput, opts ...request.Option) (*GenerateFindingRecommendationOutput, error) {
req, out := c.GenerateFindingRecommendationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opGetAccessPreview = "GetAccessPreview"
// GetAccessPreviewRequest generates a "aws/request.Request" representing the
// client's request for the GetAccessPreview operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetAccessPreview for more information on using the GetAccessPreview
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetAccessPreviewRequest method.
// req, resp := client.GetAccessPreviewRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAccessPreview
func (c *AccessAnalyzer) GetAccessPreviewRequest(input *GetAccessPreviewInput) (req *request.Request, output *GetAccessPreviewOutput) {
op := &request.Operation{
Name: opGetAccessPreview,
HTTPMethod: "GET",
HTTPPath: "/access-preview/{accessPreviewId}",
}
if input == nil {
input = &GetAccessPreviewInput{}
}
output = &GetAccessPreviewOutput{}
req = c.newRequest(op, input, output)
return
}
// GetAccessPreview API operation for Access Analyzer.
//
// Retrieves information about an access preview for the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetAccessPreview for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAccessPreview
func (c *AccessAnalyzer) GetAccessPreview(input *GetAccessPreviewInput) (*GetAccessPreviewOutput, error) {
req, out := c.GetAccessPreviewRequest(input)
return out, req.Send()
}
// GetAccessPreviewWithContext is the same as GetAccessPreview with the addition of
// the ability to pass a context and additional request options.
//
// See GetAccessPreview for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetAccessPreviewWithContext(ctx aws.Context, input *GetAccessPreviewInput, opts ...request.Option) (*GetAccessPreviewOutput, error) {
req, out := c.GetAccessPreviewRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opGetAnalyzedResource = "GetAnalyzedResource"
// GetAnalyzedResourceRequest generates a "aws/request.Request" representing the
// client's request for the GetAnalyzedResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetAnalyzedResource for more information on using the GetAnalyzedResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetAnalyzedResourceRequest method.
// req, resp := client.GetAnalyzedResourceRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzedResource
func (c *AccessAnalyzer) GetAnalyzedResourceRequest(input *GetAnalyzedResourceInput) (req *request.Request, output *GetAnalyzedResourceOutput) {
op := &request.Operation{
Name: opGetAnalyzedResource,
HTTPMethod: "GET",
HTTPPath: "/analyzed-resource",
}
if input == nil {
input = &GetAnalyzedResourceInput{}
}
output = &GetAnalyzedResourceOutput{}
req = c.newRequest(op, input, output)
return
}
// GetAnalyzedResource API operation for Access Analyzer.
//
// Retrieves information about a resource that was analyzed.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetAnalyzedResource for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzedResource
func (c *AccessAnalyzer) GetAnalyzedResource(input *GetAnalyzedResourceInput) (*GetAnalyzedResourceOutput, error) {
req, out := c.GetAnalyzedResourceRequest(input)
return out, req.Send()
}
// GetAnalyzedResourceWithContext is the same as GetAnalyzedResource with the addition of
// the ability to pass a context and additional request options.
//
// See GetAnalyzedResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetAnalyzedResourceWithContext(ctx aws.Context, input *GetAnalyzedResourceInput, opts ...request.Option) (*GetAnalyzedResourceOutput, error) {
req, out := c.GetAnalyzedResourceRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opGetAnalyzer = "GetAnalyzer"
// GetAnalyzerRequest generates a "aws/request.Request" representing the
// client's request for the GetAnalyzer operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetAnalyzer for more information on using the GetAnalyzer
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetAnalyzerRequest method.
// req, resp := client.GetAnalyzerRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzer
func (c *AccessAnalyzer) GetAnalyzerRequest(input *GetAnalyzerInput) (req *request.Request, output *GetAnalyzerOutput) {
op := &request.Operation{
Name: opGetAnalyzer,
HTTPMethod: "GET",
HTTPPath: "/analyzer/{analyzerName}",
}
if input == nil {
input = &GetAnalyzerInput{}
}
output = &GetAnalyzerOutput{}
req = c.newRequest(op, input, output)
return
}
// GetAnalyzer API operation for Access Analyzer.
//
// Retrieves information about the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetAnalyzer for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetAnalyzer
func (c *AccessAnalyzer) GetAnalyzer(input *GetAnalyzerInput) (*GetAnalyzerOutput, error) {
req, out := c.GetAnalyzerRequest(input)
return out, req.Send()
}
// GetAnalyzerWithContext is the same as GetAnalyzer with the addition of
// the ability to pass a context and additional request options.
//
// See GetAnalyzer for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetAnalyzerWithContext(ctx aws.Context, input *GetAnalyzerInput, opts ...request.Option) (*GetAnalyzerOutput, error) {
req, out := c.GetAnalyzerRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opGetArchiveRule = "GetArchiveRule"
// GetArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the GetArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetArchiveRule for more information on using the GetArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetArchiveRuleRequest method.
// req, resp := client.GetArchiveRuleRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetArchiveRule
func (c *AccessAnalyzer) GetArchiveRuleRequest(input *GetArchiveRuleInput) (req *request.Request, output *GetArchiveRuleOutput) {
op := &request.Operation{
Name: opGetArchiveRule,
HTTPMethod: "GET",
HTTPPath: "/analyzer/{analyzerName}/archive-rule/{ruleName}",
}
if input == nil {
input = &GetArchiveRuleInput{}
}
output = &GetArchiveRuleOutput{}
req = c.newRequest(op, input, output)
return
}
// GetArchiveRule API operation for Access Analyzer.
//
// Retrieves information about an archive rule.
//
// To learn about filter keys that you can use to create an archive rule, see
// IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetArchiveRule for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetArchiveRule
func (c *AccessAnalyzer) GetArchiveRule(input *GetArchiveRuleInput) (*GetArchiveRuleOutput, error) {
req, out := c.GetArchiveRuleRequest(input)
return out, req.Send()
}
// GetArchiveRuleWithContext is the same as GetArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See GetArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetArchiveRuleWithContext(ctx aws.Context, input *GetArchiveRuleInput, opts ...request.Option) (*GetArchiveRuleOutput, error) {
req, out := c.GetArchiveRuleRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opGetFinding = "GetFinding"
// GetFindingRequest generates a "aws/request.Request" representing the
// client's request for the GetFinding operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetFinding for more information on using the GetFinding
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetFindingRequest method.
// req, resp := client.GetFindingRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFinding
func (c *AccessAnalyzer) GetFindingRequest(input *GetFindingInput) (req *request.Request, output *GetFindingOutput) {
op := &request.Operation{
Name: opGetFinding,
HTTPMethod: "GET",
HTTPPath: "/finding/{id}",
}
if input == nil {
input = &GetFindingInput{}
}
output = &GetFindingOutput{}
req = c.newRequest(op, input, output)
return
}
// GetFinding API operation for Access Analyzer.
//
// Retrieves information about the specified finding. GetFinding and GetFindingV2
// both use access-analyzer:GetFinding in the Action element of an IAM policy
// statement. You must have permission to perform the access-analyzer:GetFinding
// action.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetFinding for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFinding
func (c *AccessAnalyzer) GetFinding(input *GetFindingInput) (*GetFindingOutput, error) {
req, out := c.GetFindingRequest(input)
return out, req.Send()
}
// GetFindingWithContext is the same as GetFinding with the addition of
// the ability to pass a context and additional request options.
//
// See GetFinding for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingWithContext(ctx aws.Context, input *GetFindingInput, opts ...request.Option) (*GetFindingOutput, error) {
req, out := c.GetFindingRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opGetFindingRecommendation = "GetFindingRecommendation"
// GetFindingRecommendationRequest generates a "aws/request.Request" representing the
// client's request for the GetFindingRecommendation operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetFindingRecommendation for more information on using the GetFindingRecommendation
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetFindingRecommendationRequest method.
// req, resp := client.GetFindingRecommendationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingRecommendation
func (c *AccessAnalyzer) GetFindingRecommendationRequest(input *GetFindingRecommendationInput) (req *request.Request, output *GetFindingRecommendationOutput) {
op := &request.Operation{
Name: opGetFindingRecommendation,
HTTPMethod: "GET",
HTTPPath: "/recommendation/{id}",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &GetFindingRecommendationInput{}
}
output = &GetFindingRecommendationOutput{}
req = c.newRequest(op, input, output)
return
}
// GetFindingRecommendation API operation for Access Analyzer.
//
// Retrieves information about a finding recommendation for the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetFindingRecommendation for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingRecommendation
func (c *AccessAnalyzer) GetFindingRecommendation(input *GetFindingRecommendationInput) (*GetFindingRecommendationOutput, error) {
req, out := c.GetFindingRecommendationRequest(input)
return out, req.Send()
}
// GetFindingRecommendationWithContext is the same as GetFindingRecommendation with the addition of
// the ability to pass a context and additional request options.
//
// See GetFindingRecommendation for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingRecommendationWithContext(ctx aws.Context, input *GetFindingRecommendationInput, opts ...request.Option) (*GetFindingRecommendationOutput, error) {
req, out := c.GetFindingRecommendationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// GetFindingRecommendationPages iterates over the pages of a GetFindingRecommendation operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See GetFindingRecommendation method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a GetFindingRecommendation operation.
// pageNum := 0
// err := client.GetFindingRecommendationPages(params,
// func(page *accessanalyzer.GetFindingRecommendationOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) GetFindingRecommendationPages(input *GetFindingRecommendationInput, fn func(*GetFindingRecommendationOutput, bool) bool) error {
return c.GetFindingRecommendationPagesWithContext(aws.BackgroundContext(), input, fn)
}
// GetFindingRecommendationPagesWithContext same as GetFindingRecommendationPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingRecommendationPagesWithContext(ctx aws.Context, input *GetFindingRecommendationInput, fn func(*GetFindingRecommendationOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *GetFindingRecommendationInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.GetFindingRecommendationRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*GetFindingRecommendationOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opGetFindingV2 = "GetFindingV2"
// GetFindingV2Request generates a "aws/request.Request" representing the
// client's request for the GetFindingV2 operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetFindingV2 for more information on using the GetFindingV2
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetFindingV2Request method.
// req, resp := client.GetFindingV2Request(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingV2
func (c *AccessAnalyzer) GetFindingV2Request(input *GetFindingV2Input) (req *request.Request, output *GetFindingV2Output) {
op := &request.Operation{
Name: opGetFindingV2,
HTTPMethod: "GET",
HTTPPath: "/findingv2/{id}",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &GetFindingV2Input{}
}
output = &GetFindingV2Output{}
req = c.newRequest(op, input, output)
return
}
// GetFindingV2 API operation for Access Analyzer.
//
// Retrieves information about the specified finding. GetFinding and GetFindingV2
// both use access-analyzer:GetFinding in the Action element of an IAM policy
// statement. You must have permission to perform the access-analyzer:GetFinding
// action.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetFindingV2 for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetFindingV2
func (c *AccessAnalyzer) GetFindingV2(input *GetFindingV2Input) (*GetFindingV2Output, error) {
req, out := c.GetFindingV2Request(input)
return out, req.Send()
}
// GetFindingV2WithContext is the same as GetFindingV2 with the addition of
// the ability to pass a context and additional request options.
//
// See GetFindingV2 for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingV2WithContext(ctx aws.Context, input *GetFindingV2Input, opts ...request.Option) (*GetFindingV2Output, error) {
req, out := c.GetFindingV2Request(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// GetFindingV2Pages iterates over the pages of a GetFindingV2 operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See GetFindingV2 method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a GetFindingV2 operation.
// pageNum := 0
// err := client.GetFindingV2Pages(params,
// func(page *accessanalyzer.GetFindingV2Output, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) GetFindingV2Pages(input *GetFindingV2Input, fn func(*GetFindingV2Output, bool) bool) error {
return c.GetFindingV2PagesWithContext(aws.BackgroundContext(), input, fn)
}
// GetFindingV2PagesWithContext same as GetFindingV2Pages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetFindingV2PagesWithContext(ctx aws.Context, input *GetFindingV2Input, fn func(*GetFindingV2Output, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *GetFindingV2Input
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.GetFindingV2Request(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*GetFindingV2Output), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opGetGeneratedPolicy = "GetGeneratedPolicy"
// GetGeneratedPolicyRequest generates a "aws/request.Request" representing the
// client's request for the GetGeneratedPolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See GetGeneratedPolicy for more information on using the GetGeneratedPolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the GetGeneratedPolicyRequest method.
// req, resp := client.GetGeneratedPolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetGeneratedPolicy
func (c *AccessAnalyzer) GetGeneratedPolicyRequest(input *GetGeneratedPolicyInput) (req *request.Request, output *GetGeneratedPolicyOutput) {
op := &request.Operation{
Name: opGetGeneratedPolicy,
HTTPMethod: "GET",
HTTPPath: "/policy/generation/{jobId}",
}
if input == nil {
input = &GetGeneratedPolicyInput{}
}
output = &GetGeneratedPolicyOutput{}
req = c.newRequest(op, input, output)
return
}
// GetGeneratedPolicy API operation for Access Analyzer.
//
// Retrieves the policy that was generated using StartPolicyGeneration.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation GetGeneratedPolicy for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/GetGeneratedPolicy
func (c *AccessAnalyzer) GetGeneratedPolicy(input *GetGeneratedPolicyInput) (*GetGeneratedPolicyOutput, error) {
req, out := c.GetGeneratedPolicyRequest(input)
return out, req.Send()
}
// GetGeneratedPolicyWithContext is the same as GetGeneratedPolicy with the addition of
// the ability to pass a context and additional request options.
//
// See GetGeneratedPolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) GetGeneratedPolicyWithContext(ctx aws.Context, input *GetGeneratedPolicyInput, opts ...request.Option) (*GetGeneratedPolicyOutput, error) {
req, out := c.GetGeneratedPolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opListAccessPreviewFindings = "ListAccessPreviewFindings"
// ListAccessPreviewFindingsRequest generates a "aws/request.Request" representing the
// client's request for the ListAccessPreviewFindings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAccessPreviewFindings for more information on using the ListAccessPreviewFindings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListAccessPreviewFindingsRequest method.
// req, resp := client.ListAccessPreviewFindingsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviewFindings
func (c *AccessAnalyzer) ListAccessPreviewFindingsRequest(input *ListAccessPreviewFindingsInput) (req *request.Request, output *ListAccessPreviewFindingsOutput) {
op := &request.Operation{
Name: opListAccessPreviewFindings,
HTTPMethod: "POST",
HTTPPath: "/access-preview/{accessPreviewId}",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListAccessPreviewFindingsInput{}
}
output = &ListAccessPreviewFindingsOutput{}
req = c.newRequest(op, input, output)
return
}
// ListAccessPreviewFindings API operation for Access Analyzer.
//
// Retrieves a list of access preview findings generated by the specified access
// preview.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAccessPreviewFindings for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ConflictException
// A conflict exception error.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviewFindings
func (c *AccessAnalyzer) ListAccessPreviewFindings(input *ListAccessPreviewFindingsInput) (*ListAccessPreviewFindingsOutput, error) {
req, out := c.ListAccessPreviewFindingsRequest(input)
return out, req.Send()
}
// ListAccessPreviewFindingsWithContext is the same as ListAccessPreviewFindings with the addition of
// the ability to pass a context and additional request options.
//
// See ListAccessPreviewFindings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewFindingsWithContext(ctx aws.Context, input *ListAccessPreviewFindingsInput, opts ...request.Option) (*ListAccessPreviewFindingsOutput, error) {
req, out := c.ListAccessPreviewFindingsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListAccessPreviewFindingsPages iterates over the pages of a ListAccessPreviewFindings operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAccessPreviewFindings method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListAccessPreviewFindings operation.
// pageNum := 0
// err := client.ListAccessPreviewFindingsPages(params,
// func(page *accessanalyzer.ListAccessPreviewFindingsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListAccessPreviewFindingsPages(input *ListAccessPreviewFindingsInput, fn func(*ListAccessPreviewFindingsOutput, bool) bool) error {
return c.ListAccessPreviewFindingsPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListAccessPreviewFindingsPagesWithContext same as ListAccessPreviewFindingsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewFindingsPagesWithContext(ctx aws.Context, input *ListAccessPreviewFindingsInput, fn func(*ListAccessPreviewFindingsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListAccessPreviewFindingsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListAccessPreviewFindingsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListAccessPreviewFindingsOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListAccessPreviews = "ListAccessPreviews"
// ListAccessPreviewsRequest generates a "aws/request.Request" representing the
// client's request for the ListAccessPreviews operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAccessPreviews for more information on using the ListAccessPreviews
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListAccessPreviewsRequest method.
// req, resp := client.ListAccessPreviewsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviews
func (c *AccessAnalyzer) ListAccessPreviewsRequest(input *ListAccessPreviewsInput) (req *request.Request, output *ListAccessPreviewsOutput) {
op := &request.Operation{
Name: opListAccessPreviews,
HTTPMethod: "GET",
HTTPPath: "/access-preview",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListAccessPreviewsInput{}
}
output = &ListAccessPreviewsOutput{}
req = c.newRequest(op, input, output)
return
}
// ListAccessPreviews API operation for Access Analyzer.
//
// Retrieves a list of access previews for the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAccessPreviews for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAccessPreviews
func (c *AccessAnalyzer) ListAccessPreviews(input *ListAccessPreviewsInput) (*ListAccessPreviewsOutput, error) {
req, out := c.ListAccessPreviewsRequest(input)
return out, req.Send()
}
// ListAccessPreviewsWithContext is the same as ListAccessPreviews with the addition of
// the ability to pass a context and additional request options.
//
// See ListAccessPreviews for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewsWithContext(ctx aws.Context, input *ListAccessPreviewsInput, opts ...request.Option) (*ListAccessPreviewsOutput, error) {
req, out := c.ListAccessPreviewsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListAccessPreviewsPages iterates over the pages of a ListAccessPreviews operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAccessPreviews method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListAccessPreviews operation.
// pageNum := 0
// err := client.ListAccessPreviewsPages(params,
// func(page *accessanalyzer.ListAccessPreviewsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListAccessPreviewsPages(input *ListAccessPreviewsInput, fn func(*ListAccessPreviewsOutput, bool) bool) error {
return c.ListAccessPreviewsPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListAccessPreviewsPagesWithContext same as ListAccessPreviewsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAccessPreviewsPagesWithContext(ctx aws.Context, input *ListAccessPreviewsInput, fn func(*ListAccessPreviewsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListAccessPreviewsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListAccessPreviewsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListAccessPreviewsOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListAnalyzedResources = "ListAnalyzedResources"
// ListAnalyzedResourcesRequest generates a "aws/request.Request" representing the
// client's request for the ListAnalyzedResources operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAnalyzedResources for more information on using the ListAnalyzedResources
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListAnalyzedResourcesRequest method.
// req, resp := client.ListAnalyzedResourcesRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzedResources
func (c *AccessAnalyzer) ListAnalyzedResourcesRequest(input *ListAnalyzedResourcesInput) (req *request.Request, output *ListAnalyzedResourcesOutput) {
op := &request.Operation{
Name: opListAnalyzedResources,
HTTPMethod: "POST",
HTTPPath: "/analyzed-resource",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListAnalyzedResourcesInput{}
}
output = &ListAnalyzedResourcesOutput{}
req = c.newRequest(op, input, output)
return
}
// ListAnalyzedResources API operation for Access Analyzer.
//
// Retrieves a list of resources of the specified type that have been analyzed
// by the specified external access analyzer. This action is not supported for
// unused access analyzers.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAnalyzedResources for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzedResources
func (c *AccessAnalyzer) ListAnalyzedResources(input *ListAnalyzedResourcesInput) (*ListAnalyzedResourcesOutput, error) {
req, out := c.ListAnalyzedResourcesRequest(input)
return out, req.Send()
}
// ListAnalyzedResourcesWithContext is the same as ListAnalyzedResources with the addition of
// the ability to pass a context and additional request options.
//
// See ListAnalyzedResources for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzedResourcesWithContext(ctx aws.Context, input *ListAnalyzedResourcesInput, opts ...request.Option) (*ListAnalyzedResourcesOutput, error) {
req, out := c.ListAnalyzedResourcesRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListAnalyzedResourcesPages iterates over the pages of a ListAnalyzedResources operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAnalyzedResources method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListAnalyzedResources operation.
// pageNum := 0
// err := client.ListAnalyzedResourcesPages(params,
// func(page *accessanalyzer.ListAnalyzedResourcesOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListAnalyzedResourcesPages(input *ListAnalyzedResourcesInput, fn func(*ListAnalyzedResourcesOutput, bool) bool) error {
return c.ListAnalyzedResourcesPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListAnalyzedResourcesPagesWithContext same as ListAnalyzedResourcesPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzedResourcesPagesWithContext(ctx aws.Context, input *ListAnalyzedResourcesInput, fn func(*ListAnalyzedResourcesOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListAnalyzedResourcesInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListAnalyzedResourcesRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListAnalyzedResourcesOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListAnalyzers = "ListAnalyzers"
// ListAnalyzersRequest generates a "aws/request.Request" representing the
// client's request for the ListAnalyzers operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAnalyzers for more information on using the ListAnalyzers
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListAnalyzersRequest method.
// req, resp := client.ListAnalyzersRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzers
func (c *AccessAnalyzer) ListAnalyzersRequest(input *ListAnalyzersInput) (req *request.Request, output *ListAnalyzersOutput) {
op := &request.Operation{
Name: opListAnalyzers,
HTTPMethod: "GET",
HTTPPath: "/analyzer",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListAnalyzersInput{}
}
output = &ListAnalyzersOutput{}
req = c.newRequest(op, input, output)
return
}
// ListAnalyzers API operation for Access Analyzer.
//
// Retrieves a list of analyzers.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListAnalyzers for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListAnalyzers
func (c *AccessAnalyzer) ListAnalyzers(input *ListAnalyzersInput) (*ListAnalyzersOutput, error) {
req, out := c.ListAnalyzersRequest(input)
return out, req.Send()
}
// ListAnalyzersWithContext is the same as ListAnalyzers with the addition of
// the ability to pass a context and additional request options.
//
// See ListAnalyzers for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzersWithContext(ctx aws.Context, input *ListAnalyzersInput, opts ...request.Option) (*ListAnalyzersOutput, error) {
req, out := c.ListAnalyzersRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListAnalyzersPages iterates over the pages of a ListAnalyzers operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAnalyzers method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListAnalyzers operation.
// pageNum := 0
// err := client.ListAnalyzersPages(params,
// func(page *accessanalyzer.ListAnalyzersOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListAnalyzersPages(input *ListAnalyzersInput, fn func(*ListAnalyzersOutput, bool) bool) error {
return c.ListAnalyzersPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListAnalyzersPagesWithContext same as ListAnalyzersPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListAnalyzersPagesWithContext(ctx aws.Context, input *ListAnalyzersInput, fn func(*ListAnalyzersOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListAnalyzersInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListAnalyzersRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListAnalyzersOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListArchiveRules = "ListArchiveRules"
// ListArchiveRulesRequest generates a "aws/request.Request" representing the
// client's request for the ListArchiveRules operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListArchiveRules for more information on using the ListArchiveRules
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListArchiveRulesRequest method.
// req, resp := client.ListArchiveRulesRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListArchiveRules
func (c *AccessAnalyzer) ListArchiveRulesRequest(input *ListArchiveRulesInput) (req *request.Request, output *ListArchiveRulesOutput) {
op := &request.Operation{
Name: opListArchiveRules,
HTTPMethod: "GET",
HTTPPath: "/analyzer/{analyzerName}/archive-rule",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListArchiveRulesInput{}
}
output = &ListArchiveRulesOutput{}
req = c.newRequest(op, input, output)
return
}
// ListArchiveRules API operation for Access Analyzer.
//
// Retrieves a list of archive rules created for the specified analyzer.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListArchiveRules for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListArchiveRules
func (c *AccessAnalyzer) ListArchiveRules(input *ListArchiveRulesInput) (*ListArchiveRulesOutput, error) {
req, out := c.ListArchiveRulesRequest(input)
return out, req.Send()
}
// ListArchiveRulesWithContext is the same as ListArchiveRules with the addition of
// the ability to pass a context and additional request options.
//
// See ListArchiveRules for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListArchiveRulesWithContext(ctx aws.Context, input *ListArchiveRulesInput, opts ...request.Option) (*ListArchiveRulesOutput, error) {
req, out := c.ListArchiveRulesRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListArchiveRulesPages iterates over the pages of a ListArchiveRules operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListArchiveRules method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListArchiveRules operation.
// pageNum := 0
// err := client.ListArchiveRulesPages(params,
// func(page *accessanalyzer.ListArchiveRulesOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListArchiveRulesPages(input *ListArchiveRulesInput, fn func(*ListArchiveRulesOutput, bool) bool) error {
return c.ListArchiveRulesPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListArchiveRulesPagesWithContext same as ListArchiveRulesPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListArchiveRulesPagesWithContext(ctx aws.Context, input *ListArchiveRulesInput, fn func(*ListArchiveRulesOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListArchiveRulesInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListArchiveRulesRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListArchiveRulesOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListFindings = "ListFindings"
// ListFindingsRequest generates a "aws/request.Request" representing the
// client's request for the ListFindings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListFindings for more information on using the ListFindings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListFindingsRequest method.
// req, resp := client.ListFindingsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindings
func (c *AccessAnalyzer) ListFindingsRequest(input *ListFindingsInput) (req *request.Request, output *ListFindingsOutput) {
op := &request.Operation{
Name: opListFindings,
HTTPMethod: "POST",
HTTPPath: "/finding",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListFindingsInput{}
}
output = &ListFindingsOutput{}
req = c.newRequest(op, input, output)
return
}
// ListFindings API operation for Access Analyzer.
//
// Retrieves a list of findings generated by the specified analyzer. ListFindings
// and ListFindingsV2 both use access-analyzer:ListFindings in the Action element
// of an IAM policy statement. You must have permission to perform the access-analyzer:ListFindings
// action.
//
// To learn about filter keys that you can use to retrieve a list of findings,
// see IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListFindings for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindings
func (c *AccessAnalyzer) ListFindings(input *ListFindingsInput) (*ListFindingsOutput, error) {
req, out := c.ListFindingsRequest(input)
return out, req.Send()
}
// ListFindingsWithContext is the same as ListFindings with the addition of
// the ability to pass a context and additional request options.
//
// See ListFindings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsWithContext(ctx aws.Context, input *ListFindingsInput, opts ...request.Option) (*ListFindingsOutput, error) {
req, out := c.ListFindingsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListFindingsPages iterates over the pages of a ListFindings operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListFindings method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListFindings operation.
// pageNum := 0
// err := client.ListFindingsPages(params,
// func(page *accessanalyzer.ListFindingsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListFindingsPages(input *ListFindingsInput, fn func(*ListFindingsOutput, bool) bool) error {
return c.ListFindingsPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListFindingsPagesWithContext same as ListFindingsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsPagesWithContext(ctx aws.Context, input *ListFindingsInput, fn func(*ListFindingsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListFindingsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListFindingsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListFindingsOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListFindingsV2 = "ListFindingsV2"
// ListFindingsV2Request generates a "aws/request.Request" representing the
// client's request for the ListFindingsV2 operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListFindingsV2 for more information on using the ListFindingsV2
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListFindingsV2Request method.
// req, resp := client.ListFindingsV2Request(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindingsV2
func (c *AccessAnalyzer) ListFindingsV2Request(input *ListFindingsV2Input) (req *request.Request, output *ListFindingsV2Output) {
op := &request.Operation{
Name: opListFindingsV2,
HTTPMethod: "POST",
HTTPPath: "/findingv2",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListFindingsV2Input{}
}
output = &ListFindingsV2Output{}
req = c.newRequest(op, input, output)
return
}
// ListFindingsV2 API operation for Access Analyzer.
//
// Retrieves a list of findings generated by the specified analyzer. ListFindings
// and ListFindingsV2 both use access-analyzer:ListFindings in the Action element
// of an IAM policy statement. You must have permission to perform the access-analyzer:ListFindings
// action.
//
// To learn about filter keys that you can use to retrieve a list of findings,
// see IAM Access Analyzer filter keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html)
// in the IAM User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListFindingsV2 for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListFindingsV2
func (c *AccessAnalyzer) ListFindingsV2(input *ListFindingsV2Input) (*ListFindingsV2Output, error) {
req, out := c.ListFindingsV2Request(input)
return out, req.Send()
}
// ListFindingsV2WithContext is the same as ListFindingsV2 with the addition of
// the ability to pass a context and additional request options.
//
// See ListFindingsV2 for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsV2WithContext(ctx aws.Context, input *ListFindingsV2Input, opts ...request.Option) (*ListFindingsV2Output, error) {
req, out := c.ListFindingsV2Request(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListFindingsV2Pages iterates over the pages of a ListFindingsV2 operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListFindingsV2 method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListFindingsV2 operation.
// pageNum := 0
// err := client.ListFindingsV2Pages(params,
// func(page *accessanalyzer.ListFindingsV2Output, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListFindingsV2Pages(input *ListFindingsV2Input, fn func(*ListFindingsV2Output, bool) bool) error {
return c.ListFindingsV2PagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListFindingsV2PagesWithContext same as ListFindingsV2Pages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListFindingsV2PagesWithContext(ctx aws.Context, input *ListFindingsV2Input, fn func(*ListFindingsV2Output, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListFindingsV2Input
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListFindingsV2Request(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListFindingsV2Output), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListPolicyGenerations = "ListPolicyGenerations"
// ListPolicyGenerationsRequest generates a "aws/request.Request" representing the
// client's request for the ListPolicyGenerations operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListPolicyGenerations for more information on using the ListPolicyGenerations
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListPolicyGenerationsRequest method.
// req, resp := client.ListPolicyGenerationsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListPolicyGenerations
func (c *AccessAnalyzer) ListPolicyGenerationsRequest(input *ListPolicyGenerationsInput) (req *request.Request, output *ListPolicyGenerationsOutput) {
op := &request.Operation{
Name: opListPolicyGenerations,
HTTPMethod: "GET",
HTTPPath: "/policy/generation",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListPolicyGenerationsInput{}
}
output = &ListPolicyGenerationsOutput{}
req = c.newRequest(op, input, output)
return
}
// ListPolicyGenerations API operation for Access Analyzer.
//
// Lists all of the policy generations requested in the last seven days.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListPolicyGenerations for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListPolicyGenerations
func (c *AccessAnalyzer) ListPolicyGenerations(input *ListPolicyGenerationsInput) (*ListPolicyGenerationsOutput, error) {
req, out := c.ListPolicyGenerationsRequest(input)
return out, req.Send()
}
// ListPolicyGenerationsWithContext is the same as ListPolicyGenerations with the addition of
// the ability to pass a context and additional request options.
//
// See ListPolicyGenerations for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListPolicyGenerationsWithContext(ctx aws.Context, input *ListPolicyGenerationsInput, opts ...request.Option) (*ListPolicyGenerationsOutput, error) {
req, out := c.ListPolicyGenerationsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListPolicyGenerationsPages iterates over the pages of a ListPolicyGenerations operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListPolicyGenerations method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListPolicyGenerations operation.
// pageNum := 0
// err := client.ListPolicyGenerationsPages(params,
// func(page *accessanalyzer.ListPolicyGenerationsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ListPolicyGenerationsPages(input *ListPolicyGenerationsInput, fn func(*ListPolicyGenerationsOutput, bool) bool) error {
return c.ListPolicyGenerationsPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListPolicyGenerationsPagesWithContext same as ListPolicyGenerationsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListPolicyGenerationsPagesWithContext(ctx aws.Context, input *ListPolicyGenerationsInput, fn func(*ListPolicyGenerationsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListPolicyGenerationsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListPolicyGenerationsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ListPolicyGenerationsOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
const opListTagsForResource = "ListTagsForResource"
// ListTagsForResourceRequest generates a "aws/request.Request" representing the
// client's request for the ListTagsForResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListTagsForResource for more information on using the ListTagsForResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ListTagsForResourceRequest method.
// req, resp := client.ListTagsForResourceRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListTagsForResource
func (c *AccessAnalyzer) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) {
op := &request.Operation{
Name: opListTagsForResource,
HTTPMethod: "GET",
HTTPPath: "/tags/{resourceArn}",
}
if input == nil {
input = &ListTagsForResourceInput{}
}
output = &ListTagsForResourceOutput{}
req = c.newRequest(op, input, output)
return
}
// ListTagsForResource API operation for Access Analyzer.
//
// Retrieves a list of tags applied to the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ListTagsForResource for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ListTagsForResource
func (c *AccessAnalyzer) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) {
req, out := c.ListTagsForResourceRequest(input)
return out, req.Send()
}
// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of
// the ability to pass a context and additional request options.
//
// See ListTagsForResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) {
req, out := c.ListTagsForResourceRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opStartPolicyGeneration = "StartPolicyGeneration"
// StartPolicyGenerationRequest generates a "aws/request.Request" representing the
// client's request for the StartPolicyGeneration operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See StartPolicyGeneration for more information on using the StartPolicyGeneration
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the StartPolicyGenerationRequest method.
// req, resp := client.StartPolicyGenerationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartPolicyGeneration
func (c *AccessAnalyzer) StartPolicyGenerationRequest(input *StartPolicyGenerationInput) (req *request.Request, output *StartPolicyGenerationOutput) {
op := &request.Operation{
Name: opStartPolicyGeneration,
HTTPMethod: "PUT",
HTTPPath: "/policy/generation",
}
if input == nil {
input = &StartPolicyGenerationInput{}
}
output = &StartPolicyGenerationOutput{}
req = c.newRequest(op, input, output)
return
}
// StartPolicyGeneration API operation for Access Analyzer.
//
// Starts the policy generation request.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation StartPolicyGeneration for usage and error information.
//
// Returned Error Types:
//
// - ConflictException
// A conflict exception error.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ServiceQuotaExceededException
// Service quote met error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartPolicyGeneration
func (c *AccessAnalyzer) StartPolicyGeneration(input *StartPolicyGenerationInput) (*StartPolicyGenerationOutput, error) {
req, out := c.StartPolicyGenerationRequest(input)
return out, req.Send()
}
// StartPolicyGenerationWithContext is the same as StartPolicyGeneration with the addition of
// the ability to pass a context and additional request options.
//
// See StartPolicyGeneration for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) StartPolicyGenerationWithContext(ctx aws.Context, input *StartPolicyGenerationInput, opts ...request.Option) (*StartPolicyGenerationOutput, error) {
req, out := c.StartPolicyGenerationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opStartResourceScan = "StartResourceScan"
// StartResourceScanRequest generates a "aws/request.Request" representing the
// client's request for the StartResourceScan operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See StartResourceScan for more information on using the StartResourceScan
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the StartResourceScanRequest method.
// req, resp := client.StartResourceScanRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartResourceScan
func (c *AccessAnalyzer) StartResourceScanRequest(input *StartResourceScanInput) (req *request.Request, output *StartResourceScanOutput) {
op := &request.Operation{
Name: opStartResourceScan,
HTTPMethod: "POST",
HTTPPath: "/resource/scan",
}
if input == nil {
input = &StartResourceScanInput{}
}
output = &StartResourceScanOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// StartResourceScan API operation for Access Analyzer.
//
// Immediately starts a scan of the policies applied to the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation StartResourceScan for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/StartResourceScan
func (c *AccessAnalyzer) StartResourceScan(input *StartResourceScanInput) (*StartResourceScanOutput, error) {
req, out := c.StartResourceScanRequest(input)
return out, req.Send()
}
// StartResourceScanWithContext is the same as StartResourceScan with the addition of
// the ability to pass a context and additional request options.
//
// See StartResourceScan for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) StartResourceScanWithContext(ctx aws.Context, input *StartResourceScanInput, opts ...request.Option) (*StartResourceScanOutput, error) {
req, out := c.StartResourceScanRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opTagResource = "TagResource"
// TagResourceRequest generates a "aws/request.Request" representing the
// client's request for the TagResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See TagResource for more information on using the TagResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the TagResourceRequest method.
// req, resp := client.TagResourceRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/TagResource
func (c *AccessAnalyzer) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) {
op := &request.Operation{
Name: opTagResource,
HTTPMethod: "POST",
HTTPPath: "/tags/{resourceArn}",
}
if input == nil {
input = &TagResourceInput{}
}
output = &TagResourceOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// TagResource API operation for Access Analyzer.
//
// Adds a tag to the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation TagResource for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/TagResource
func (c *AccessAnalyzer) TagResource(input *TagResourceInput) (*TagResourceOutput, error) {
req, out := c.TagResourceRequest(input)
return out, req.Send()
}
// TagResourceWithContext is the same as TagResource with the addition of
// the ability to pass a context and additional request options.
//
// See TagResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) {
req, out := c.TagResourceRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opUntagResource = "UntagResource"
// UntagResourceRequest generates a "aws/request.Request" representing the
// client's request for the UntagResource operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UntagResource for more information on using the UntagResource
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the UntagResourceRequest method.
// req, resp := client.UntagResourceRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UntagResource
func (c *AccessAnalyzer) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) {
op := &request.Operation{
Name: opUntagResource,
HTTPMethod: "DELETE",
HTTPPath: "/tags/{resourceArn}",
}
if input == nil {
input = &UntagResourceInput{}
}
output = &UntagResourceOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// UntagResource API operation for Access Analyzer.
//
// Removes a tag from the specified resource.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation UntagResource for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UntagResource
func (c *AccessAnalyzer) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) {
req, out := c.UntagResourceRequest(input)
return out, req.Send()
}
// UntagResourceWithContext is the same as UntagResource with the addition of
// the ability to pass a context and additional request options.
//
// See UntagResource for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) {
req, out := c.UntagResourceRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opUpdateArchiveRule = "UpdateArchiveRule"
// UpdateArchiveRuleRequest generates a "aws/request.Request" representing the
// client's request for the UpdateArchiveRule operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateArchiveRule for more information on using the UpdateArchiveRule
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the UpdateArchiveRuleRequest method.
// req, resp := client.UpdateArchiveRuleRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateArchiveRule
func (c *AccessAnalyzer) UpdateArchiveRuleRequest(input *UpdateArchiveRuleInput) (req *request.Request, output *UpdateArchiveRuleOutput) {
op := &request.Operation{
Name: opUpdateArchiveRule,
HTTPMethod: "PUT",
HTTPPath: "/analyzer/{analyzerName}/archive-rule/{ruleName}",
}
if input == nil {
input = &UpdateArchiveRuleInput{}
}
output = &UpdateArchiveRuleOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// UpdateArchiveRule API operation for Access Analyzer.
//
// Updates the criteria and values for the specified archive rule.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation UpdateArchiveRule for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateArchiveRule
func (c *AccessAnalyzer) UpdateArchiveRule(input *UpdateArchiveRuleInput) (*UpdateArchiveRuleOutput, error) {
req, out := c.UpdateArchiveRuleRequest(input)
return out, req.Send()
}
// UpdateArchiveRuleWithContext is the same as UpdateArchiveRule with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateArchiveRule for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) UpdateArchiveRuleWithContext(ctx aws.Context, input *UpdateArchiveRuleInput, opts ...request.Option) (*UpdateArchiveRuleOutput, error) {
req, out := c.UpdateArchiveRuleRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opUpdateFindings = "UpdateFindings"
// UpdateFindingsRequest generates a "aws/request.Request" representing the
// client's request for the UpdateFindings operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateFindings for more information on using the UpdateFindings
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the UpdateFindingsRequest method.
// req, resp := client.UpdateFindingsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateFindings
func (c *AccessAnalyzer) UpdateFindingsRequest(input *UpdateFindingsInput) (req *request.Request, output *UpdateFindingsOutput) {
op := &request.Operation{
Name: opUpdateFindings,
HTTPMethod: "PUT",
HTTPPath: "/finding",
}
if input == nil {
input = &UpdateFindingsInput{}
}
output = &UpdateFindingsOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
return
}
// UpdateFindings API operation for Access Analyzer.
//
// Updates the status for the specified findings.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation UpdateFindings for usage and error information.
//
// Returned Error Types:
//
// - ResourceNotFoundException
// The specified resource could not be found.
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/UpdateFindings
func (c *AccessAnalyzer) UpdateFindings(input *UpdateFindingsInput) (*UpdateFindingsOutput, error) {
req, out := c.UpdateFindingsRequest(input)
return out, req.Send()
}
// UpdateFindingsWithContext is the same as UpdateFindings with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateFindings for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) UpdateFindingsWithContext(ctx aws.Context, input *UpdateFindingsInput, opts ...request.Option) (*UpdateFindingsOutput, error) {
req, out := c.UpdateFindingsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opValidatePolicy = "ValidatePolicy"
// ValidatePolicyRequest generates a "aws/request.Request" representing the
// client's request for the ValidatePolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfully.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ValidatePolicy for more information on using the ValidatePolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
// // Example sending a request using the ValidatePolicyRequest method.
// req, resp := client.ValidatePolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ValidatePolicy
func (c *AccessAnalyzer) ValidatePolicyRequest(input *ValidatePolicyInput) (req *request.Request, output *ValidatePolicyOutput) {
op := &request.Operation{
Name: opValidatePolicy,
HTTPMethod: "POST",
HTTPPath: "/policy/validation",
Paginator: &request.Paginator{
InputTokens: []string{"nextToken"},
OutputTokens: []string{"nextToken"},
LimitToken: "maxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ValidatePolicyInput{}
}
output = &ValidatePolicyOutput{}
req = c.newRequest(op, input, output)
return
}
// ValidatePolicy API operation for Access Analyzer.
//
// Requests the validation of a policy and returns a list of findings. The findings
// help you identify issues and provide actionable recommendations to resolve
// the issue and enable you to author functional policies that meet security
// best practices.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for Access Analyzer's
// API operation ValidatePolicy for usage and error information.
//
// Returned Error Types:
//
// - ValidationException
// Validation exception error.
//
// - InternalServerException
// Internal server error.
//
// - ThrottlingException
// Throttling limit exceeded error.
//
// - AccessDeniedException
// You do not have sufficient access to perform this action.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/ValidatePolicy
func (c *AccessAnalyzer) ValidatePolicy(input *ValidatePolicyInput) (*ValidatePolicyOutput, error) {
req, out := c.ValidatePolicyRequest(input)
return out, req.Send()
}
// ValidatePolicyWithContext is the same as ValidatePolicy with the addition of
// the ability to pass a context and additional request options.
//
// See ValidatePolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ValidatePolicyWithContext(ctx aws.Context, input *ValidatePolicyInput, opts ...request.Option) (*ValidatePolicyOutput, error) {
req, out := c.ValidatePolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ValidatePolicyPages iterates over the pages of a ValidatePolicy operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ValidatePolicy method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ValidatePolicy operation.
// pageNum := 0
// err := client.ValidatePolicyPages(params,
// func(page *accessanalyzer.ValidatePolicyOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
func (c *AccessAnalyzer) ValidatePolicyPages(input *ValidatePolicyInput, fn func(*ValidatePolicyOutput, bool) bool) error {
return c.ValidatePolicyPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ValidatePolicyPagesWithContext same as ValidatePolicyPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *AccessAnalyzer) ValidatePolicyPagesWithContext(ctx aws.Context, input *ValidatePolicyInput, fn func(*ValidatePolicyOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ValidatePolicyInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ValidatePolicyRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
for p.Next() {
if !fn(p.Page().(*ValidatePolicyOutput), !p.HasNextPage()) {
break
}
}
return p.Err()
}
// Contains information about actions and resources that define permissions
// to check against a policy.
type Access struct {
_ struct{} `type:"structure"`
// A list of actions for the access permissions. Any strings that can be used
// as an action in an IAM policy can be used in the list of actions to check.
Actions []*string `locationName:"actions" type:"list"`
// A list of resources for the access permissions. Any strings that can be used
// as a resource in an IAM policy can be used in the list of resources to check.
Resources []*string `locationName:"resources" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Access) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Access) GoString() string {
return s.String()
}
// SetActions sets the Actions field's value.
func (s *Access) SetActions(v []*string) *Access {
s.Actions = v
return s
}
// SetResources sets the Resources field's value.
func (s *Access) SetResources(v []*string) *Access {
s.Resources = v
return s
}
// You do not have sufficient access to perform this action.
type AccessDeniedException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessDeniedException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessDeniedException) GoString() string {
return s.String()
}
func newErrorAccessDeniedException(v protocol.ResponseMetadata) error {
return &AccessDeniedException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *AccessDeniedException) Code() string {
return "AccessDeniedException"
}
// Message returns the exception's message.
func (s *AccessDeniedException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *AccessDeniedException) OrigErr() error {
return nil
}
func (s *AccessDeniedException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
func (s *AccessDeniedException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *AccessDeniedException) RequestID() string {
return s.RespMetadata.RequestID
}
// Contains information about an access preview.
type AccessPreview struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer used to generate the access preview.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// A map of resource ARNs for the proposed resource configuration.
//
// Configurations is a required field
Configurations map[string]*Configuration `locationName:"configurations" type:"map" required:"true"`
// The time at which the access preview was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The unique ID for the access preview.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
// The status of the access preview.
//
// * Creating - The access preview creation is in progress.
//
// * Completed - The access preview is complete. You can preview findings
// for external access to the resource.
//
// * Failed - The access preview creation has failed.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"AccessPreviewStatus"`
// Provides more details about the current status of the access preview.
//
// For example, if the creation of the access preview fails, a Failed status
// is returned. This failure can be due to an internal issue with the analysis
// or due to an invalid resource configuration.
StatusReason *AccessPreviewStatusReason `locationName:"statusReason" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreview) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreview) GoString() string {
return s.String()
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *AccessPreview) SetAnalyzerArn(v string) *AccessPreview {
s.AnalyzerArn = &v
return s
}
// SetConfigurations sets the Configurations field's value.
func (s *AccessPreview) SetConfigurations(v map[string]*Configuration) *AccessPreview {
s.Configurations = v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *AccessPreview) SetCreatedAt(v time.Time) *AccessPreview {
s.CreatedAt = &v
return s
}
// SetId sets the Id field's value.
func (s *AccessPreview) SetId(v string) *AccessPreview {
s.Id = &v
return s
}
// SetStatus sets the Status field's value.
func (s *AccessPreview) SetStatus(v string) *AccessPreview {
s.Status = &v
return s
}
// SetStatusReason sets the StatusReason field's value.
func (s *AccessPreview) SetStatusReason(v *AccessPreviewStatusReason) *AccessPreview {
s.StatusReason = v
return s
}
// An access preview finding generated by the access preview.
type AccessPreviewFinding struct {
_ struct{} `type:"structure"`
// The action in the analyzed policy statement that an external principal has
// permission to perform.
Action []*string `locationName:"action" type:"list"`
// Provides context on how the access preview finding compares to existing access
// identified in IAM Access Analyzer.
//
// * New - The finding is for newly-introduced access.
//
// * Unchanged - The preview finding is an existing finding that would remain
// unchanged.
//
// * Changed - The preview finding is an existing finding with a change in
// status.
//
// For example, a Changed finding with preview status Resolved and existing
// status Active indicates the existing Active finding would become Resolved
// as a result of the proposed permissions change.
//
// ChangeType is a required field
ChangeType *string `locationName:"changeType" type:"string" required:"true" enum:"FindingChangeType"`
// The condition in the analyzed policy statement that resulted in a finding.
Condition map[string]*string `locationName:"condition" type:"map"`
// The time at which the access preview finding was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// An error.
Error *string `locationName:"error" type:"string"`
// The existing ID of the finding in IAM Access Analyzer, provided only for
// existing findings.
ExistingFindingId *string `locationName:"existingFindingId" type:"string"`
// The existing status of the finding, provided only for existing findings.
ExistingFindingStatus *string `locationName:"existingFindingStatus" type:"string" enum:"FindingStatus"`
// The ID of the access preview finding. This ID uniquely identifies the element
// in the list of access preview findings and is not related to the finding
// ID in Access Analyzer.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
// Indicates whether the policy that generated the finding allows public access
// to the resource.
IsPublic *bool `locationName:"isPublic" type:"boolean"`
// The external principal that has access to a resource within the zone of trust.
Principal map[string]*string `locationName:"principal" type:"map"`
// The resource that an external principal has access to. This is the resource
// associated with the access preview.
Resource *string `locationName:"resource" type:"string"`
// The Amazon Web Services account ID that owns the resource. For most Amazon
// Web Services resources, the owning account is the account in which the resource
// was created.
//
// ResourceOwnerAccount is a required field
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`
// The type of the resource that can be accessed in the finding.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
// The sources of the finding. This indicates how the access that generated
// the finding is granted. It is populated for Amazon S3 bucket findings.
Sources []*FindingSource `locationName:"sources" type:"list"`
// The preview status of the finding. This is what the status of the finding
// would be after permissions deployment. For example, a Changed finding with
// preview status Resolved and existing status Active indicates the existing
// Active finding would become Resolved as a result of the proposed permissions
// change.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewFinding) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewFinding) GoString() string {
return s.String()
}
// SetAction sets the Action field's value.
func (s *AccessPreviewFinding) SetAction(v []*string) *AccessPreviewFinding {
s.Action = v
return s
}
// SetChangeType sets the ChangeType field's value.
func (s *AccessPreviewFinding) SetChangeType(v string) *AccessPreviewFinding {
s.ChangeType = &v
return s
}
// SetCondition sets the Condition field's value.
func (s *AccessPreviewFinding) SetCondition(v map[string]*string) *AccessPreviewFinding {
s.Condition = v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *AccessPreviewFinding) SetCreatedAt(v time.Time) *AccessPreviewFinding {
s.CreatedAt = &v
return s
}
// SetError sets the Error field's value.
func (s *AccessPreviewFinding) SetError(v string) *AccessPreviewFinding {
s.Error = &v
return s
}
// SetExistingFindingId sets the ExistingFindingId field's value.
func (s *AccessPreviewFinding) SetExistingFindingId(v string) *AccessPreviewFinding {
s.ExistingFindingId = &v
return s
}
// SetExistingFindingStatus sets the ExistingFindingStatus field's value.
func (s *AccessPreviewFinding) SetExistingFindingStatus(v string) *AccessPreviewFinding {
s.ExistingFindingStatus = &v
return s
}
// SetId sets the Id field's value.
func (s *AccessPreviewFinding) SetId(v string) *AccessPreviewFinding {
s.Id = &v
return s
}
// SetIsPublic sets the IsPublic field's value.
func (s *AccessPreviewFinding) SetIsPublic(v bool) *AccessPreviewFinding {
s.IsPublic = &v
return s
}
// SetPrincipal sets the Principal field's value.
func (s *AccessPreviewFinding) SetPrincipal(v map[string]*string) *AccessPreviewFinding {
s.Principal = v
return s
}
// SetResource sets the Resource field's value.
func (s *AccessPreviewFinding) SetResource(v string) *AccessPreviewFinding {
s.Resource = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *AccessPreviewFinding) SetResourceOwnerAccount(v string) *AccessPreviewFinding {
s.ResourceOwnerAccount = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *AccessPreviewFinding) SetResourceType(v string) *AccessPreviewFinding {
s.ResourceType = &v
return s
}
// SetSources sets the Sources field's value.
func (s *AccessPreviewFinding) SetSources(v []*FindingSource) *AccessPreviewFinding {
s.Sources = v
return s
}
// SetStatus sets the Status field's value.
func (s *AccessPreviewFinding) SetStatus(v string) *AccessPreviewFinding {
s.Status = &v
return s
}
// Provides more details about the current status of the access preview. For
// example, if the creation of the access preview fails, a Failed status is
// returned. This failure can be due to an internal issue with the analysis
// or due to an invalid proposed resource configuration.
type AccessPreviewStatusReason struct {
_ struct{} `type:"structure"`
// The reason code for the current status of the access preview.
//
// Code is a required field
Code *string `locationName:"code" type:"string" required:"true" enum:"AccessPreviewStatusReasonCode"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewStatusReason) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewStatusReason) GoString() string {
return s.String()
}
// SetCode sets the Code field's value.
func (s *AccessPreviewStatusReason) SetCode(v string) *AccessPreviewStatusReason {
s.Code = &v
return s
}
// Contains a summary of information about an access preview.
type AccessPreviewSummary struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer used to generate the access preview.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// The time at which the access preview was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The unique ID for the access preview.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
// The status of the access preview.
//
// * Creating - The access preview creation is in progress.
//
// * Completed - The access preview is complete and previews the findings
// for external access to the resource.
//
// * Failed - The access preview creation has failed.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"AccessPreviewStatus"`
// Provides more details about the current status of the access preview. For
// example, if the creation of the access preview fails, a Failed status is
// returned. This failure can be due to an internal issue with the analysis
// or due to an invalid proposed resource configuration.
StatusReason *AccessPreviewStatusReason `locationName:"statusReason" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AccessPreviewSummary) GoString() string {
return s.String()
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *AccessPreviewSummary) SetAnalyzerArn(v string) *AccessPreviewSummary {
s.AnalyzerArn = &v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *AccessPreviewSummary) SetCreatedAt(v time.Time) *AccessPreviewSummary {
s.CreatedAt = &v
return s
}
// SetId sets the Id field's value.
func (s *AccessPreviewSummary) SetId(v string) *AccessPreviewSummary {
s.Id = &v
return s
}
// SetStatus sets the Status field's value.
func (s *AccessPreviewSummary) SetStatus(v string) *AccessPreviewSummary {
s.Status = &v
return s
}
// SetStatusReason sets the StatusReason field's value.
func (s *AccessPreviewSummary) SetStatusReason(v *AccessPreviewStatusReason) *AccessPreviewSummary {
s.StatusReason = v
return s
}
// You specify each grantee as a type-value pair using one of these types. You
// can specify only one type of grantee. For more information, see PutBucketAcl
// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAcl.html).
type AclGrantee struct {
_ struct{} `type:"structure"`
// The value specified is the canonical user ID of an Amazon Web Services account.
Id *string `locationName:"id" type:"string"`
// Used for granting permissions to a predefined group.
Uri *string `locationName:"uri" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AclGrantee) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AclGrantee) GoString() string {
return s.String()
}
// SetId sets the Id field's value.
func (s *AclGrantee) SetId(v string) *AclGrantee {
s.Id = &v
return s
}
// SetUri sets the Uri field's value.
func (s *AclGrantee) SetUri(v string) *AclGrantee {
s.Uri = &v
return s
}
// Contains details about the analyzed resource.
type AnalyzedResource struct {
_ struct{} `type:"structure"`
// The actions that an external principal is granted permission to use by the
// policy that generated the finding.
Actions []*string `locationName:"actions" type:"list"`
// The time at which the resource was analyzed.
//
// AnalyzedAt is a required field
AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The time at which the finding was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// An error message.
Error *string `locationName:"error" type:"string"`
// Indicates whether the policy that generated the finding grants public access
// to the resource.
//
// IsPublic is a required field
IsPublic *bool `locationName:"isPublic" type:"boolean" required:"true"`
// The ARN of the resource that was analyzed.
//
// ResourceArn is a required field
ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"`
// The Amazon Web Services account ID that owns the resource.
//
// ResourceOwnerAccount is a required field
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`
// The type of the resource that was analyzed.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
// Indicates how the access that generated the finding is granted. This is populated
// for Amazon S3 bucket findings.
SharedVia []*string `locationName:"sharedVia" type:"list"`
// The current status of the finding generated from the analyzed resource.
Status *string `locationName:"status" type:"string" enum:"FindingStatus"`
// The time at which the finding was updated.
//
// UpdatedAt is a required field
UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResource) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResource) GoString() string {
return s.String()
}
// SetActions sets the Actions field's value.
func (s *AnalyzedResource) SetActions(v []*string) *AnalyzedResource {
s.Actions = v
return s
}
// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *AnalyzedResource) SetAnalyzedAt(v time.Time) *AnalyzedResource {
s.AnalyzedAt = &v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *AnalyzedResource) SetCreatedAt(v time.Time) *AnalyzedResource {
s.CreatedAt = &v
return s
}
// SetError sets the Error field's value.
func (s *AnalyzedResource) SetError(v string) *AnalyzedResource {
s.Error = &v
return s
}
// SetIsPublic sets the IsPublic field's value.
func (s *AnalyzedResource) SetIsPublic(v bool) *AnalyzedResource {
s.IsPublic = &v
return s
}
// SetResourceArn sets the ResourceArn field's value.
func (s *AnalyzedResource) SetResourceArn(v string) *AnalyzedResource {
s.ResourceArn = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *AnalyzedResource) SetResourceOwnerAccount(v string) *AnalyzedResource {
s.ResourceOwnerAccount = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *AnalyzedResource) SetResourceType(v string) *AnalyzedResource {
s.ResourceType = &v
return s
}
// SetSharedVia sets the SharedVia field's value.
func (s *AnalyzedResource) SetSharedVia(v []*string) *AnalyzedResource {
s.SharedVia = v
return s
}
// SetStatus sets the Status field's value.
func (s *AnalyzedResource) SetStatus(v string) *AnalyzedResource {
s.Status = &v
return s
}
// SetUpdatedAt sets the UpdatedAt field's value.
func (s *AnalyzedResource) SetUpdatedAt(v time.Time) *AnalyzedResource {
s.UpdatedAt = &v
return s
}
// Contains the ARN of the analyzed resource.
type AnalyzedResourceSummary struct {
_ struct{} `type:"structure"`
// The ARN of the analyzed resource.
//
// ResourceArn is a required field
ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"`
// The Amazon Web Services account ID that owns the resource.
//
// ResourceOwnerAccount is a required field
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`
// The type of resource that was analyzed.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResourceSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzedResourceSummary) GoString() string {
return s.String()
}
// SetResourceArn sets the ResourceArn field's value.
func (s *AnalyzedResourceSummary) SetResourceArn(v string) *AnalyzedResourceSummary {
s.ResourceArn = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *AnalyzedResourceSummary) SetResourceOwnerAccount(v string) *AnalyzedResourceSummary {
s.ResourceOwnerAccount = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *AnalyzedResourceSummary) SetResourceType(v string) *AnalyzedResourceSummary {
s.ResourceType = &v
return s
}
// Contains information about the configuration of an unused access analyzer
// for an Amazon Web Services organization or account.
type AnalyzerConfiguration struct {
_ struct{} `type:"structure"`
// Specifies the configuration of an unused access analyzer for an Amazon Web
// Services organization or account. External access analyzers do not support
// any configuration.
UnusedAccess *UnusedAccessConfiguration `locationName:"unusedAccess" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerConfiguration) GoString() string {
return s.String()
}
// SetUnusedAccess sets the UnusedAccess field's value.
func (s *AnalyzerConfiguration) SetUnusedAccess(v *UnusedAccessConfiguration) *AnalyzerConfiguration {
s.UnusedAccess = v
return s
}
// Contains information about the analyzer.
type AnalyzerSummary struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer.
//
// Arn is a required field
Arn *string `locationName:"arn" type:"string" required:"true"`
// Specifies whether the analyzer is an external access or unused access analyzer.
Configuration *AnalyzerConfiguration `locationName:"configuration" type:"structure"`
// A timestamp for the time at which the analyzer was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The resource that was most recently analyzed by the analyzer.
LastResourceAnalyzed *string `locationName:"lastResourceAnalyzed" type:"string"`
// The time at which the most recently analyzed resource was analyzed.
LastResourceAnalyzedAt *time.Time `locationName:"lastResourceAnalyzedAt" type:"timestamp" timestampFormat:"iso8601"`
// The name of the analyzer.
//
// Name is a required field
Name *string `locationName:"name" min:"1" type:"string" required:"true"`
// The status of the analyzer. An Active analyzer successfully monitors supported
// resources and generates new findings. The analyzer is Disabled when a user
// action, such as removing trusted access for Identity and Access Management
// Access Analyzer from Organizations, causes the analyzer to stop generating
// new findings. The status is Creating when the analyzer creation is in progress
// and Failed when the analyzer creation has failed.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"AnalyzerStatus"`
// The statusReason provides more details about the current status of the analyzer.
// For example, if the creation for the analyzer fails, a Failed status is returned.
// For an analyzer with organization as the type, this failure can be due to
// an issue with creating the service-linked roles required in the member accounts
// of the Amazon Web Services organization.
StatusReason *StatusReason `locationName:"statusReason" type:"structure"`
// The tags added to the analyzer.
Tags map[string]*string `locationName:"tags" type:"map"`
// The type of analyzer, which corresponds to the zone of trust chosen for the
// analyzer.
//
// Type is a required field
Type *string `locationName:"type" type:"string" required:"true" enum:"Type"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s AnalyzerSummary) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *AnalyzerSummary) SetArn(v string) *AnalyzerSummary {
s.Arn = &v
return s
}
// SetConfiguration sets the Configuration field's value.
func (s *AnalyzerSummary) SetConfiguration(v *AnalyzerConfiguration) *AnalyzerSummary {
s.Configuration = v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *AnalyzerSummary) SetCreatedAt(v time.Time) *AnalyzerSummary {
s.CreatedAt = &v
return s
}
// SetLastResourceAnalyzed sets the LastResourceAnalyzed field's value.
func (s *AnalyzerSummary) SetLastResourceAnalyzed(v string) *AnalyzerSummary {
s.LastResourceAnalyzed = &v
return s
}
// SetLastResourceAnalyzedAt sets the LastResourceAnalyzedAt field's value.
func (s *AnalyzerSummary) SetLastResourceAnalyzedAt(v time.Time) *AnalyzerSummary {
s.LastResourceAnalyzedAt = &v
return s
}
// SetName sets the Name field's value.
func (s *AnalyzerSummary) SetName(v string) *AnalyzerSummary {
s.Name = &v
return s
}
// SetStatus sets the Status field's value.
func (s *AnalyzerSummary) SetStatus(v string) *AnalyzerSummary {
s.Status = &v
return s
}
// SetStatusReason sets the StatusReason field's value.
func (s *AnalyzerSummary) SetStatusReason(v *StatusReason) *AnalyzerSummary {
s.StatusReason = v
return s
}
// SetTags sets the Tags field's value.
func (s *AnalyzerSummary) SetTags(v map[string]*string) *AnalyzerSummary {
s.Tags = v
return s
}
// SetType sets the Type field's value.
func (s *AnalyzerSummary) SetType(v string) *AnalyzerSummary {
s.Type = &v
return s
}
// Retroactively applies an archive rule.
type ApplyArchiveRuleInput struct {
_ struct{} `type:"structure"`
// The Amazon resource name (ARN) of the analyzer.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// A client token.
ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
// The name of the rule to apply.
//
// RuleName is a required field
RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ApplyArchiveRuleInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ApplyArchiveRuleInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.RuleName == nil {
invalidParams.Add(request.NewErrParamRequired("RuleName"))
}
if s.RuleName != nil && len(*s.RuleName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ApplyArchiveRuleInput) SetAnalyzerArn(v string) *ApplyArchiveRuleInput {
s.AnalyzerArn = &v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *ApplyArchiveRuleInput) SetClientToken(v string) *ApplyArchiveRuleInput {
s.ClientToken = &v
return s
}
// SetRuleName sets the RuleName field's value.
func (s *ApplyArchiveRuleInput) SetRuleName(v string) *ApplyArchiveRuleInput {
s.RuleName = &v
return s
}
type ApplyArchiveRuleOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ApplyArchiveRuleOutput) GoString() string {
return s.String()
}
// Contains information about an archive rule.
type ArchiveRuleSummary struct {
_ struct{} `type:"structure"`
// The time at which the archive rule was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// A filter used to define the archive rule.
//
// Filter is a required field
Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`
// The name of the archive rule.
//
// RuleName is a required field
RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`
// The time at which the archive rule was last updated.
//
// UpdatedAt is a required field
UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ArchiveRuleSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ArchiveRuleSummary) GoString() string {
return s.String()
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *ArchiveRuleSummary) SetCreatedAt(v time.Time) *ArchiveRuleSummary {
s.CreatedAt = &v
return s
}
// SetFilter sets the Filter field's value.
func (s *ArchiveRuleSummary) SetFilter(v map[string]*Criterion) *ArchiveRuleSummary {
s.Filter = v
return s
}
// SetRuleName sets the RuleName field's value.
func (s *ArchiveRuleSummary) SetRuleName(v string) *ArchiveRuleSummary {
s.RuleName = &v
return s
}
// SetUpdatedAt sets the UpdatedAt field's value.
func (s *ArchiveRuleSummary) SetUpdatedAt(v time.Time) *ArchiveRuleSummary {
s.UpdatedAt = &v
return s
}
type CancelPolicyGenerationInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The JobId that is returned by the StartPolicyGeneration operation. The JobId
// can be used with GetGeneratedPolicy to retrieve the generated policies or
// used with CancelPolicyGeneration to cancel the policy generation request.
//
// JobId is a required field
JobId *string `location:"uri" locationName:"jobId" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CancelPolicyGenerationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CancelPolicyGenerationInput"}
if s.JobId == nil {
invalidParams.Add(request.NewErrParamRequired("JobId"))
}
if s.JobId != nil && len(*s.JobId) < 1 {
invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetJobId sets the JobId field's value.
func (s *CancelPolicyGenerationInput) SetJobId(v string) *CancelPolicyGenerationInput {
s.JobId = &v
return s
}
type CancelPolicyGenerationOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CancelPolicyGenerationOutput) GoString() string {
return s.String()
}
type CheckAccessNotGrantedInput struct {
_ struct{} `type:"structure"`
// An access object containing the permissions that shouldn't be granted by
// the specified policy. If only actions are specified, IAM Access Analyzer
// checks for access of the actions on all resources in the policy. If only
// resources are specified, then IAM Access Analyzer checks which actions have
// access to the specified resources. If both actions and resources are specified,
// then IAM Access Analyzer checks which of the specified actions have access
// to the specified resources.
//
// Access is a required field
Access []*Access `locationName:"access" type:"list" required:"true"`
// The JSON policy document to use as the content for the policy.
//
// PolicyDocument is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CheckAccessNotGrantedInput's
// String and GoString methods.
//
// PolicyDocument is a required field
PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true" sensitive:"true"`
// The type of policy. Identity policies grant permissions to IAM principals.
// Identity policies include managed and inline policies for IAM roles, users,
// and groups.
//
// Resource policies grant permissions on Amazon Web Services resources. Resource
// policies include trust policies for IAM roles and bucket policies for Amazon
// S3 buckets. You can provide a generic input such as identity policy or resource
// policy or a specific input such as managed policy or Amazon S3 bucket policy.
//
// PolicyType is a required field
PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"AccessCheckPolicyType"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CheckAccessNotGrantedInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CheckAccessNotGrantedInput"}
if s.Access == nil {
invalidParams.Add(request.NewErrParamRequired("Access"))
}
if s.PolicyDocument == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
}
if s.PolicyType == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyType"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccess sets the Access field's value.
func (s *CheckAccessNotGrantedInput) SetAccess(v []*Access) *CheckAccessNotGrantedInput {
s.Access = v
return s
}
// SetPolicyDocument sets the PolicyDocument field's value.
func (s *CheckAccessNotGrantedInput) SetPolicyDocument(v string) *CheckAccessNotGrantedInput {
s.PolicyDocument = &v
return s
}
// SetPolicyType sets the PolicyType field's value.
func (s *CheckAccessNotGrantedInput) SetPolicyType(v string) *CheckAccessNotGrantedInput {
s.PolicyType = &v
return s
}
type CheckAccessNotGrantedOutput struct {
_ struct{} `type:"structure"`
// The message indicating whether the specified access is allowed.
Message *string `locationName:"message" type:"string"`
// A description of the reasoning of the result.
Reasons []*ReasonSummary `locationName:"reasons" type:"list"`
// The result of the check for whether the access is allowed. If the result
// is PASS, the specified policy doesn't allow any of the specified permissions
// in the access object. If the result is FAIL, the specified policy might allow
// some or all of the permissions in the access object.
Result *string `locationName:"result" type:"string" enum:"CheckAccessNotGrantedResult"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckAccessNotGrantedOutput) GoString() string {
return s.String()
}
// SetMessage sets the Message field's value.
func (s *CheckAccessNotGrantedOutput) SetMessage(v string) *CheckAccessNotGrantedOutput {
s.Message = &v
return s
}
// SetReasons sets the Reasons field's value.
func (s *CheckAccessNotGrantedOutput) SetReasons(v []*ReasonSummary) *CheckAccessNotGrantedOutput {
s.Reasons = v
return s
}
// SetResult sets the Result field's value.
func (s *CheckAccessNotGrantedOutput) SetResult(v string) *CheckAccessNotGrantedOutput {
s.Result = &v
return s
}
type CheckNoNewAccessInput struct {
_ struct{} `type:"structure"`
// The JSON policy document to use as the content for the existing policy.
//
// ExistingPolicyDocument is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CheckNoNewAccessInput's
// String and GoString methods.
//
// ExistingPolicyDocument is a required field
ExistingPolicyDocument *string `locationName:"existingPolicyDocument" type:"string" required:"true" sensitive:"true"`
// The JSON policy document to use as the content for the updated policy.
//
// NewPolicyDocument is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CheckNoNewAccessInput's
// String and GoString methods.
//
// NewPolicyDocument is a required field
NewPolicyDocument *string `locationName:"newPolicyDocument" type:"string" required:"true" sensitive:"true"`
// The type of policy to compare. Identity policies grant permissions to IAM
// principals. Identity policies include managed and inline policies for IAM
// roles, users, and groups.
//
// Resource policies grant permissions on Amazon Web Services resources. Resource
// policies include trust policies for IAM roles and bucket policies for Amazon
// S3 buckets. You can provide a generic input such as identity policy or resource
// policy or a specific input such as managed policy or Amazon S3 bucket policy.
//
// PolicyType is a required field
PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"AccessCheckPolicyType"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CheckNoNewAccessInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CheckNoNewAccessInput"}
if s.ExistingPolicyDocument == nil {
invalidParams.Add(request.NewErrParamRequired("ExistingPolicyDocument"))
}
if s.NewPolicyDocument == nil {
invalidParams.Add(request.NewErrParamRequired("NewPolicyDocument"))
}
if s.PolicyType == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyType"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetExistingPolicyDocument sets the ExistingPolicyDocument field's value.
func (s *CheckNoNewAccessInput) SetExistingPolicyDocument(v string) *CheckNoNewAccessInput {
s.ExistingPolicyDocument = &v
return s
}
// SetNewPolicyDocument sets the NewPolicyDocument field's value.
func (s *CheckNoNewAccessInput) SetNewPolicyDocument(v string) *CheckNoNewAccessInput {
s.NewPolicyDocument = &v
return s
}
// SetPolicyType sets the PolicyType field's value.
func (s *CheckNoNewAccessInput) SetPolicyType(v string) *CheckNoNewAccessInput {
s.PolicyType = &v
return s
}
type CheckNoNewAccessOutput struct {
_ struct{} `type:"structure"`
// The message indicating whether the updated policy allows new access.
Message *string `locationName:"message" type:"string"`
// A description of the reasoning of the result.
Reasons []*ReasonSummary `locationName:"reasons" type:"list"`
// The result of the check for new access. If the result is PASS, no new access
// is allowed by the updated policy. If the result is FAIL, the updated policy
// might allow new access.
Result *string `locationName:"result" type:"string" enum:"CheckNoNewAccessResult"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoNewAccessOutput) GoString() string {
return s.String()
}
// SetMessage sets the Message field's value.
func (s *CheckNoNewAccessOutput) SetMessage(v string) *CheckNoNewAccessOutput {
s.Message = &v
return s
}
// SetReasons sets the Reasons field's value.
func (s *CheckNoNewAccessOutput) SetReasons(v []*ReasonSummary) *CheckNoNewAccessOutput {
s.Reasons = v
return s
}
// SetResult sets the Result field's value.
func (s *CheckNoNewAccessOutput) SetResult(v string) *CheckNoNewAccessOutput {
s.Result = &v
return s
}
type CheckNoPublicAccessInput struct {
_ struct{} `type:"structure"`
// The JSON policy document to evaluate for public access.
//
// PolicyDocument is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CheckNoPublicAccessInput's
// String and GoString methods.
//
// PolicyDocument is a required field
PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true" sensitive:"true"`
// The type of resource to evaluate for public access. For example, to check
// for public access to Amazon S3 buckets, you can choose AWS::S3::Bucket for
// the resource type.
//
// For resource types not supported as valid values, IAM Access Analyzer will
// return an error.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"AccessCheckResourceType"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoPublicAccessInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoPublicAccessInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CheckNoPublicAccessInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CheckNoPublicAccessInput"}
if s.PolicyDocument == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
}
if s.ResourceType == nil {
invalidParams.Add(request.NewErrParamRequired("ResourceType"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPolicyDocument sets the PolicyDocument field's value.
func (s *CheckNoPublicAccessInput) SetPolicyDocument(v string) *CheckNoPublicAccessInput {
s.PolicyDocument = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *CheckNoPublicAccessInput) SetResourceType(v string) *CheckNoPublicAccessInput {
s.ResourceType = &v
return s
}
type CheckNoPublicAccessOutput struct {
_ struct{} `type:"structure"`
// The message indicating whether the specified policy allows public access
// to resources.
Message *string `locationName:"message" type:"string"`
// A list of reasons why the specified resource policy grants public access
// for the resource type.
Reasons []*ReasonSummary `locationName:"reasons" type:"list"`
// The result of the check for public access to the specified resource type.
// If the result is PASS, the policy doesn't allow public access to the specified
// resource type. If the result is FAIL, the policy might allow public access
// to the specified resource type.
Result *string `locationName:"result" type:"string" enum:"CheckNoPublicAccessResult"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoPublicAccessOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CheckNoPublicAccessOutput) GoString() string {
return s.String()
}
// SetMessage sets the Message field's value.
func (s *CheckNoPublicAccessOutput) SetMessage(v string) *CheckNoPublicAccessOutput {
s.Message = &v
return s
}
// SetReasons sets the Reasons field's value.
func (s *CheckNoPublicAccessOutput) SetReasons(v []*ReasonSummary) *CheckNoPublicAccessOutput {
s.Reasons = v
return s
}
// SetResult sets the Result field's value.
func (s *CheckNoPublicAccessOutput) SetResult(v string) *CheckNoPublicAccessOutput {
s.Result = &v
return s
}
// Contains information about CloudTrail access.
type CloudTrailDetails struct {
_ struct{} `type:"structure"`
// The ARN of the service role that IAM Access Analyzer uses to access your
// CloudTrail trail and service last accessed information.
//
// AccessRole is a required field
AccessRole *string `locationName:"accessRole" type:"string" required:"true"`
// The end of the time range for which IAM Access Analyzer reviews your CloudTrail
// events. Events with a timestamp after this time are not considered to generate
// a policy. If this is not included in the request, the default value is the
// current time.
EndTime *time.Time `locationName:"endTime" type:"timestamp" timestampFormat:"iso8601"`
// The start of the time range for which IAM Access Analyzer reviews your CloudTrail
// events. Events with a timestamp before this time are not considered to generate
// a policy.
//
// StartTime is a required field
StartTime *time.Time `locationName:"startTime" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// A Trail object that contains settings for a trail.
//
// Trails is a required field
Trails []*Trail `locationName:"trails" type:"list" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailDetails) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CloudTrailDetails) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CloudTrailDetails"}
if s.AccessRole == nil {
invalidParams.Add(request.NewErrParamRequired("AccessRole"))
}
if s.StartTime == nil {
invalidParams.Add(request.NewErrParamRequired("StartTime"))
}
if s.Trails == nil {
invalidParams.Add(request.NewErrParamRequired("Trails"))
}
if s.Trails != nil {
for i, v := range s.Trails {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Trails", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccessRole sets the AccessRole field's value.
func (s *CloudTrailDetails) SetAccessRole(v string) *CloudTrailDetails {
s.AccessRole = &v
return s
}
// SetEndTime sets the EndTime field's value.
func (s *CloudTrailDetails) SetEndTime(v time.Time) *CloudTrailDetails {
s.EndTime = &v
return s
}
// SetStartTime sets the StartTime field's value.
func (s *CloudTrailDetails) SetStartTime(v time.Time) *CloudTrailDetails {
s.StartTime = &v
return s
}
// SetTrails sets the Trails field's value.
func (s *CloudTrailDetails) SetTrails(v []*Trail) *CloudTrailDetails {
s.Trails = v
return s
}
// Contains information about CloudTrail access.
type CloudTrailProperties struct {
_ struct{} `type:"structure"`
// The end of the time range for which IAM Access Analyzer reviews your CloudTrail
// events. Events with a timestamp after this time are not considered to generate
// a policy. If this is not included in the request, the default value is the
// current time.
//
// EndTime is a required field
EndTime *time.Time `locationName:"endTime" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The start of the time range for which IAM Access Analyzer reviews your CloudTrail
// events. Events with a timestamp before this time are not considered to generate
// a policy.
//
// StartTime is a required field
StartTime *time.Time `locationName:"startTime" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// A TrailProperties object that contains settings for trail properties.
//
// TrailProperties is a required field
TrailProperties []*TrailProperties `locationName:"trailProperties" type:"list" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailProperties) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CloudTrailProperties) GoString() string {
return s.String()
}
// SetEndTime sets the EndTime field's value.
func (s *CloudTrailProperties) SetEndTime(v time.Time) *CloudTrailProperties {
s.EndTime = &v
return s
}
// SetStartTime sets the StartTime field's value.
func (s *CloudTrailProperties) SetStartTime(v time.Time) *CloudTrailProperties {
s.StartTime = &v
return s
}
// SetTrailProperties sets the TrailProperties field's value.
func (s *CloudTrailProperties) SetTrailProperties(v []*TrailProperties) *CloudTrailProperties {
s.TrailProperties = v
return s
}
// Access control configuration structures for your resource. You specify the
// configuration as a type-value pair. You can specify only one type of access
// control configuration.
type Configuration struct {
_ struct{} `type:"structure"`
// The access control configuration is for a DynamoDB stream.
DynamodbStream *DynamodbStreamConfiguration `locationName:"dynamodbStream" type:"structure"`
// The access control configuration is for a DynamoDB table or index.
DynamodbTable *DynamodbTableConfiguration `locationName:"dynamodbTable" type:"structure"`
// The access control configuration is for an Amazon EBS volume snapshot.
EbsSnapshot *EbsSnapshotConfiguration `locationName:"ebsSnapshot" type:"structure"`
// The access control configuration is for an Amazon ECR repository.
EcrRepository *EcrRepositoryConfiguration `locationName:"ecrRepository" type:"structure"`
// The access control configuration is for an Amazon EFS file system.
EfsFileSystem *EfsFileSystemConfiguration `locationName:"efsFileSystem" type:"structure"`
// The access control configuration is for an IAM role.
IamRole *IamRoleConfiguration `locationName:"iamRole" type:"structure"`
// The access control configuration is for a KMS key.
KmsKey *KmsKeyConfiguration `locationName:"kmsKey" type:"structure"`
// The access control configuration is for an Amazon RDS DB cluster snapshot.
RdsDbClusterSnapshot *RdsDbClusterSnapshotConfiguration `locationName:"rdsDbClusterSnapshot" type:"structure"`
// The access control configuration is for an Amazon RDS DB snapshot.
RdsDbSnapshot *RdsDbSnapshotConfiguration `locationName:"rdsDbSnapshot" type:"structure"`
// The access control configuration is for an Amazon S3 bucket.
S3Bucket *S3BucketConfiguration `locationName:"s3Bucket" type:"structure"`
// The access control configuration is for an Amazon S3 directory bucket.
S3ExpressDirectoryBucket *S3ExpressDirectoryBucketConfiguration `locationName:"s3ExpressDirectoryBucket" type:"structure"`
// The access control configuration is for a Secrets Manager secret.
SecretsManagerSecret *SecretsManagerSecretConfiguration `locationName:"secretsManagerSecret" type:"structure"`
// The access control configuration is for an Amazon SNS topic
SnsTopic *SnsTopicConfiguration `locationName:"snsTopic" type:"structure"`
// The access control configuration is for an Amazon SQS queue.
SqsQueue *SqsQueueConfiguration `locationName:"sqsQueue" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Configuration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Configuration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *Configuration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "Configuration"}
if s.KmsKey != nil {
if err := s.KmsKey.Validate(); err != nil {
invalidParams.AddNested("KmsKey", err.(request.ErrInvalidParams))
}
}
if s.S3Bucket != nil {
if err := s.S3Bucket.Validate(); err != nil {
invalidParams.AddNested("S3Bucket", err.(request.ErrInvalidParams))
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetDynamodbStream sets the DynamodbStream field's value.
func (s *Configuration) SetDynamodbStream(v *DynamodbStreamConfiguration) *Configuration {
s.DynamodbStream = v
return s
}
// SetDynamodbTable sets the DynamodbTable field's value.
func (s *Configuration) SetDynamodbTable(v *DynamodbTableConfiguration) *Configuration {
s.DynamodbTable = v
return s
}
// SetEbsSnapshot sets the EbsSnapshot field's value.
func (s *Configuration) SetEbsSnapshot(v *EbsSnapshotConfiguration) *Configuration {
s.EbsSnapshot = v
return s
}
// SetEcrRepository sets the EcrRepository field's value.
func (s *Configuration) SetEcrRepository(v *EcrRepositoryConfiguration) *Configuration {
s.EcrRepository = v
return s
}
// SetEfsFileSystem sets the EfsFileSystem field's value.
func (s *Configuration) SetEfsFileSystem(v *EfsFileSystemConfiguration) *Configuration {
s.EfsFileSystem = v
return s
}
// SetIamRole sets the IamRole field's value.
func (s *Configuration) SetIamRole(v *IamRoleConfiguration) *Configuration {
s.IamRole = v
return s
}
// SetKmsKey sets the KmsKey field's value.
func (s *Configuration) SetKmsKey(v *KmsKeyConfiguration) *Configuration {
s.KmsKey = v
return s
}
// SetRdsDbClusterSnapshot sets the RdsDbClusterSnapshot field's value.
func (s *Configuration) SetRdsDbClusterSnapshot(v *RdsDbClusterSnapshotConfiguration) *Configuration {
s.RdsDbClusterSnapshot = v
return s
}
// SetRdsDbSnapshot sets the RdsDbSnapshot field's value.
func (s *Configuration) SetRdsDbSnapshot(v *RdsDbSnapshotConfiguration) *Configuration {
s.RdsDbSnapshot = v
return s
}
// SetS3Bucket sets the S3Bucket field's value.
func (s *Configuration) SetS3Bucket(v *S3BucketConfiguration) *Configuration {
s.S3Bucket = v
return s
}
// SetS3ExpressDirectoryBucket sets the S3ExpressDirectoryBucket field's value.
func (s *Configuration) SetS3ExpressDirectoryBucket(v *S3ExpressDirectoryBucketConfiguration) *Configuration {
s.S3ExpressDirectoryBucket = v
return s
}
// SetSecretsManagerSecret sets the SecretsManagerSecret field's value.
func (s *Configuration) SetSecretsManagerSecret(v *SecretsManagerSecretConfiguration) *Configuration {
s.SecretsManagerSecret = v
return s
}
// SetSnsTopic sets the SnsTopic field's value.
func (s *Configuration) SetSnsTopic(v *SnsTopicConfiguration) *Configuration {
s.SnsTopic = v
return s
}
// SetSqsQueue sets the SqsQueue field's value.
func (s *Configuration) SetSqsQueue(v *SqsQueueConfiguration) *Configuration {
s.SqsQueue = v
return s
}
// A conflict exception error.
type ConflictException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
// The ID of the resource.
//
// ResourceId is a required field
ResourceId *string `locationName:"resourceId" type:"string" required:"true"`
// The resource type.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConflictException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ConflictException) GoString() string {
return s.String()
}
func newErrorConflictException(v protocol.ResponseMetadata) error {
return &ConflictException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *ConflictException) Code() string {
return "ConflictException"
}
// Message returns the exception's message.
func (s *ConflictException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ConflictException) OrigErr() error {
return nil
}
func (s *ConflictException) Error() string {
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}
// Status code returns the HTTP status code for the request's response error.
func (s *ConflictException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *ConflictException) RequestID() string {
return s.RespMetadata.RequestID
}
type CreateAccessPreviewInput struct {
_ struct{} `type:"structure"`
// The ARN of the account analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// used to generate the access preview. You can only create an access preview
// for analyzers with an Account type and Active status.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// A client token.
ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
// Access control configuration for your resource that is used to generate the
// access preview. The access preview includes findings for external access
// allowed to the resource with the proposed access control configuration. The
// configuration must contain exactly one element.
//
// Configurations is a required field
Configurations map[string]*Configuration `locationName:"configurations" type:"map" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateAccessPreviewInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CreateAccessPreviewInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Configurations == nil {
invalidParams.Add(request.NewErrParamRequired("Configurations"))
}
if s.Configurations != nil {
for i, v := range s.Configurations {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Configurations", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *CreateAccessPreviewInput) SetAnalyzerArn(v string) *CreateAccessPreviewInput {
s.AnalyzerArn = &v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *CreateAccessPreviewInput) SetClientToken(v string) *CreateAccessPreviewInput {
s.ClientToken = &v
return s
}
// SetConfigurations sets the Configurations field's value.
func (s *CreateAccessPreviewInput) SetConfigurations(v map[string]*Configuration) *CreateAccessPreviewInput {
s.Configurations = v
return s
}
type CreateAccessPreviewOutput struct {
_ struct{} `type:"structure"`
// The unique ID for the access preview.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAccessPreviewOutput) GoString() string {
return s.String()
}
// SetId sets the Id field's value.
func (s *CreateAccessPreviewOutput) SetId(v string) *CreateAccessPreviewOutput {
s.Id = &v
return s
}
// Creates an analyzer.
type CreateAnalyzerInput struct {
_ struct{} `type:"structure"`
// The name of the analyzer to create.
//
// AnalyzerName is a required field
AnalyzerName *string `locationName:"analyzerName" min:"1" type:"string" required:"true"`
// Specifies the archive rules to add for the analyzer. Archive rules automatically
// archive findings that meet the criteria you define for the rule.
ArchiveRules []*InlineArchiveRule `locationName:"archiveRules" type:"list"`
// A client token.
ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
// Specifies the configuration of the analyzer. If the analyzer is an unused
// access analyzer, the specified scope of unused access is used for the configuration.
// If the analyzer is an external access analyzer, this field is not used.
Configuration *AnalyzerConfiguration `locationName:"configuration" type:"structure"`
// An array of key-value pairs to apply to the analyzer.
Tags map[string]*string `locationName:"tags" type:"map"`
// The type of analyzer to create. Only ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS,
// and ORGANIZATION_UNUSED_ACCESS analyzers are supported. You can create only
// one analyzer per account per Region. You can create up to 5 analyzers per
// organization per Region.
//
// Type is a required field
Type *string `locationName:"type" type:"string" required:"true" enum:"Type"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateAnalyzerInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CreateAnalyzerInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if s.Type == nil {
invalidParams.Add(request.NewErrParamRequired("Type"))
}
if s.ArchiveRules != nil {
for i, v := range s.ArchiveRules {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ArchiveRules", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *CreateAnalyzerInput) SetAnalyzerName(v string) *CreateAnalyzerInput {
s.AnalyzerName = &v
return s
}
// SetArchiveRules sets the ArchiveRules field's value.
func (s *CreateAnalyzerInput) SetArchiveRules(v []*InlineArchiveRule) *CreateAnalyzerInput {
s.ArchiveRules = v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *CreateAnalyzerInput) SetClientToken(v string) *CreateAnalyzerInput {
s.ClientToken = &v
return s
}
// SetConfiguration sets the Configuration field's value.
func (s *CreateAnalyzerInput) SetConfiguration(v *AnalyzerConfiguration) *CreateAnalyzerInput {
s.Configuration = v
return s
}
// SetTags sets the Tags field's value.
func (s *CreateAnalyzerInput) SetTags(v map[string]*string) *CreateAnalyzerInput {
s.Tags = v
return s
}
// SetType sets the Type field's value.
func (s *CreateAnalyzerInput) SetType(v string) *CreateAnalyzerInput {
s.Type = &v
return s
}
// The response to the request to create an analyzer.
type CreateAnalyzerOutput struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer that was created by the request.
Arn *string `locationName:"arn" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateAnalyzerOutput) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *CreateAnalyzerOutput) SetArn(v string) *CreateAnalyzerOutput {
s.Arn = &v
return s
}
// Creates an archive rule.
type CreateArchiveRuleInput struct {
_ struct{} `type:"structure"`
// The name of the created analyzer.
//
// AnalyzerName is a required field
AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
// A client token.
ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
// The criteria for the rule.
//
// Filter is a required field
Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`
// The name of the rule to create.
//
// RuleName is a required field
RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateArchiveRuleInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CreateArchiveRuleInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if s.Filter == nil {
invalidParams.Add(request.NewErrParamRequired("Filter"))
}
if s.RuleName == nil {
invalidParams.Add(request.NewErrParamRequired("RuleName"))
}
if s.RuleName != nil && len(*s.RuleName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
}
if s.Filter != nil {
for i, v := range s.Filter {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *CreateArchiveRuleInput) SetAnalyzerName(v string) *CreateArchiveRuleInput {
s.AnalyzerName = &v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *CreateArchiveRuleInput) SetClientToken(v string) *CreateArchiveRuleInput {
s.ClientToken = &v
return s
}
// SetFilter sets the Filter field's value.
func (s *CreateArchiveRuleInput) SetFilter(v map[string]*Criterion) *CreateArchiveRuleInput {
s.Filter = v
return s
}
// SetRuleName sets the RuleName field's value.
func (s *CreateArchiveRuleInput) SetRuleName(v string) *CreateArchiveRuleInput {
s.RuleName = &v
return s
}
type CreateArchiveRuleOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s CreateArchiveRuleOutput) GoString() string {
return s.String()
}
// The criteria to use in the filter that defines the archive rule. For more
// information on available filter keys, see IAM Access Analyzer filter keys
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-filter-keys.html).
type Criterion struct {
_ struct{} `type:"structure"`
// A "contains" operator to match for the filter used to create the rule.
Contains []*string `locationName:"contains" min:"1" type:"list"`
// An "equals" operator to match for the filter used to create the rule.
Eq []*string `locationName:"eq" min:"1" type:"list"`
// An "exists" operator to match for the filter used to create the rule.
Exists *bool `locationName:"exists" type:"boolean"`
// A "not equals" operator to match for the filter used to create the rule.
Neq []*string `locationName:"neq" min:"1" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Criterion) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Criterion) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *Criterion) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "Criterion"}
if s.Contains != nil && len(s.Contains) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Contains", 1))
}
if s.Eq != nil && len(s.Eq) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Eq", 1))
}
if s.Neq != nil && len(s.Neq) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Neq", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetContains sets the Contains field's value.
func (s *Criterion) SetContains(v []*string) *Criterion {
s.Contains = v
return s
}
// SetEq sets the Eq field's value.
func (s *Criterion) SetEq(v []*string) *Criterion {
s.Eq = v
return s
}
// SetExists sets the Exists field's value.
func (s *Criterion) SetExists(v bool) *Criterion {
s.Exists = &v
return s
}
// SetNeq sets the Neq field's value.
func (s *Criterion) SetNeq(v []*string) *Criterion {
s.Neq = v
return s
}
// Deletes an analyzer.
type DeleteAnalyzerInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The name of the analyzer to delete.
//
// AnalyzerName is a required field
AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
// A client token.
ClientToken *string `location:"querystring" locationName:"clientToken" type:"string" idempotencyToken:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteAnalyzerInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DeleteAnalyzerInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *DeleteAnalyzerInput) SetAnalyzerName(v string) *DeleteAnalyzerInput {
s.AnalyzerName = &v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *DeleteAnalyzerInput) SetClientToken(v string) *DeleteAnalyzerInput {
s.ClientToken = &v
return s
}
type DeleteAnalyzerOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteAnalyzerOutput) GoString() string {
return s.String()
}
// Deletes an archive rule.
type DeleteArchiveRuleInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The name of the analyzer that associated with the archive rule to delete.
//
// AnalyzerName is a required field
AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
// A client token.
ClientToken *string `location:"querystring" locationName:"clientToken" type:"string" idempotencyToken:"true"`
// The name of the rule to delete.
//
// RuleName is a required field
RuleName *string `location:"uri" locationName:"ruleName" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteArchiveRuleInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DeleteArchiveRuleInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if s.RuleName == nil {
invalidParams.Add(request.NewErrParamRequired("RuleName"))
}
if s.RuleName != nil && len(*s.RuleName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *DeleteArchiveRuleInput) SetAnalyzerName(v string) *DeleteArchiveRuleInput {
s.AnalyzerName = &v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *DeleteArchiveRuleInput) SetClientToken(v string) *DeleteArchiveRuleInput {
s.ClientToken = &v
return s
}
// SetRuleName sets the RuleName field's value.
func (s *DeleteArchiveRuleInput) SetRuleName(v string) *DeleteArchiveRuleInput {
s.RuleName = &v
return s
}
type DeleteArchiveRuleOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DeleteArchiveRuleOutput) GoString() string {
return s.String()
}
// The proposed access control configuration for a DynamoDB stream. You can
// propose a configuration for a new DynamoDB stream or an existing DynamoDB
// stream that you own by specifying the policy for the DynamoDB stream. For
// more information, see PutResourcePolicy (https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutResourcePolicy.html).
//
// - If the configuration is for an existing DynamoDB stream and you do not
// specify the DynamoDB policy, then the access preview uses the existing
// DynamoDB policy for the stream.
//
// - If the access preview is for a new resource and you do not specify the
// policy, then the access preview assumes a DynamoDB stream without a policy.
//
// - To propose deletion of an existing DynamoDB stream policy, you can specify
// an empty string for the DynamoDB policy.
type DynamodbStreamConfiguration struct {
_ struct{} `type:"structure"`
// The proposed resource policy defining who can access or manage the DynamoDB
// stream.
StreamPolicy *string `locationName:"streamPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DynamodbStreamConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DynamodbStreamConfiguration) GoString() string {
return s.String()
}
// SetStreamPolicy sets the StreamPolicy field's value.
func (s *DynamodbStreamConfiguration) SetStreamPolicy(v string) *DynamodbStreamConfiguration {
s.StreamPolicy = &v
return s
}
// The proposed access control configuration for a DynamoDB table or index.
// You can propose a configuration for a new DynamoDB table or index or an existing
// DynamoDB table or index that you own by specifying the policy for the DynamoDB
// table or index. For more information, see PutResourcePolicy (https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_PutResourcePolicy.html).
//
// - If the configuration is for an existing DynamoDB table or index and
// you do not specify the DynamoDB policy, then the access preview uses the
// existing DynamoDB policy for the table or index.
//
// - If the access preview is for a new resource and you do not specify the
// policy, then the access preview assumes a DynamoDB table without a policy.
//
// - To propose deletion of an existing DynamoDB table or index policy, you
// can specify an empty string for the DynamoDB policy.
type DynamodbTableConfiguration struct {
_ struct{} `type:"structure"`
// The proposed resource policy defining who can access or manage the DynamoDB
// table.
TablePolicy *string `locationName:"tablePolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DynamodbTableConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s DynamodbTableConfiguration) GoString() string {
return s.String()
}
// SetTablePolicy sets the TablePolicy field's value.
func (s *DynamodbTableConfiguration) SetTablePolicy(v string) *DynamodbTableConfiguration {
s.TablePolicy = &v
return s
}
// The proposed access control configuration for an Amazon EBS volume snapshot.
// You can propose a configuration for a new Amazon EBS volume snapshot or an
// Amazon EBS volume snapshot that you own by specifying the user IDs, groups,
// and optional KMS encryption key. For more information, see ModifySnapshotAttribute
// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySnapshotAttribute.html).
type EbsSnapshotConfiguration struct {
_ struct{} `type:"structure"`
// The groups that have access to the Amazon EBS volume snapshot. If the value
// all is specified, then the Amazon EBS volume snapshot is public.
//
// * If the configuration is for an existing Amazon EBS volume snapshot and
// you do not specify the groups, then the access preview uses the existing
// shared groups for the snapshot.
//
// * If the access preview is for a new resource and you do not specify the
// groups, then the access preview considers the snapshot without any groups.
//
// * To propose deletion of existing shared groups, you can specify an empty
// list for groups.
Groups []*string `locationName:"groups" type:"list"`
// The KMS key identifier for an encrypted Amazon EBS volume snapshot. The KMS
// key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS
// key.
//
// * If the configuration is for an existing Amazon EBS volume snapshot and
// you do not specify the kmsKeyId, or you specify an empty string, then
// the access preview uses the existing kmsKeyId of the snapshot.
//
// * If the access preview is for a new resource and you do not specify the
// kmsKeyId, the access preview considers the snapshot as unencrypted.
KmsKeyId *string `locationName:"kmsKeyId" type:"string"`
// The IDs of the Amazon Web Services accounts that have access to the Amazon
// EBS volume snapshot.
//
// * If the configuration is for an existing Amazon EBS volume snapshot and
// you do not specify the userIds, then the access preview uses the existing
// shared userIds for the snapshot.
//
// * If the access preview is for a new resource and you do not specify the
// userIds, then the access preview considers the snapshot without any userIds.
//
// * To propose deletion of existing shared accountIds, you can specify an
// empty list for userIds.
UserIds []*string `locationName:"userIds" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EbsSnapshotConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EbsSnapshotConfiguration) GoString() string {
return s.String()
}
// SetGroups sets the Groups field's value.
func (s *EbsSnapshotConfiguration) SetGroups(v []*string) *EbsSnapshotConfiguration {
s.Groups = v
return s
}
// SetKmsKeyId sets the KmsKeyId field's value.
func (s *EbsSnapshotConfiguration) SetKmsKeyId(v string) *EbsSnapshotConfiguration {
s.KmsKeyId = &v
return s
}
// SetUserIds sets the UserIds field's value.
func (s *EbsSnapshotConfiguration) SetUserIds(v []*string) *EbsSnapshotConfiguration {
s.UserIds = v
return s
}
// The proposed access control configuration for an Amazon ECR repository. You
// can propose a configuration for a new Amazon ECR repository or an existing
// Amazon ECR repository that you own by specifying the Amazon ECR policy. For
// more information, see Repository (https://docs.aws.amazon.com/AmazonECR/latest/APIReference/API_Repository.html).
//
// - If the configuration is for an existing Amazon ECR repository and you
// do not specify the Amazon ECR policy, then the access preview uses the
// existing Amazon ECR policy for the repository.
//
// - If the access preview is for a new resource and you do not specify the
// policy, then the access preview assumes an Amazon ECR repository without
// a policy.
//
// - To propose deletion of an existing Amazon ECR repository policy, you
// can specify an empty string for the Amazon ECR policy.
type EcrRepositoryConfiguration struct {
_ struct{} `type:"structure"`
// The JSON repository policy text to apply to the Amazon ECR repository. For
// more information, see Private repository policy examples (https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html)
// in the Amazon ECR User Guide.
RepositoryPolicy *string `locationName:"repositoryPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EcrRepositoryConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EcrRepositoryConfiguration) GoString() string {
return s.String()
}
// SetRepositoryPolicy sets the RepositoryPolicy field's value.
func (s *EcrRepositoryConfiguration) SetRepositoryPolicy(v string) *EcrRepositoryConfiguration {
s.RepositoryPolicy = &v
return s
}
// The proposed access control configuration for an Amazon EFS file system.
// You can propose a configuration for a new Amazon EFS file system or an existing
// Amazon EFS file system that you own by specifying the Amazon EFS policy.
// For more information, see Using file systems in Amazon EFS (https://docs.aws.amazon.com/efs/latest/ug/using-fs.html).
//
// - If the configuration is for an existing Amazon EFS file system and you
// do not specify the Amazon EFS policy, then the access preview uses the
// existing Amazon EFS policy for the file system.
//
// - If the access preview is for a new resource and you do not specify the
// policy, then the access preview assumes an Amazon EFS file system without
// a policy.
//
// - To propose deletion of an existing Amazon EFS file system policy, you
// can specify an empty string for the Amazon EFS policy.
type EfsFileSystemConfiguration struct {
_ struct{} `type:"structure"`
// The JSON policy definition to apply to the Amazon EFS file system. For more
// information on the elements that make up a file system policy, see Amazon
// EFS Resource-based policies (https://docs.aws.amazon.com/efs/latest/ug/access-control-overview.html#access-control-manage-access-intro-resource-policies).
FileSystemPolicy *string `locationName:"fileSystemPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EfsFileSystemConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s EfsFileSystemConfiguration) GoString() string {
return s.String()
}
// SetFileSystemPolicy sets the FileSystemPolicy field's value.
func (s *EfsFileSystemConfiguration) SetFileSystemPolicy(v string) *EfsFileSystemConfiguration {
s.FileSystemPolicy = &v
return s
}
// Contains information about an external access finding.
type ExternalAccessDetails struct {
_ struct{} `type:"structure"`
// The action in the analyzed policy statement that an external principal has
// permission to use.
Action []*string `locationName:"action" type:"list"`
// The condition in the analyzed policy statement that resulted in an external
// access finding.
//
// Condition is a required field
Condition map[string]*string `locationName:"condition" type:"map" required:"true"`
// Specifies whether the external access finding is public.
IsPublic *bool `locationName:"isPublic" type:"boolean"`
// The external principal that has access to a resource within the zone of trust.
Principal map[string]*string `locationName:"principal" type:"map"`
// The sources of the external access finding. This indicates how the access
// that generated the finding is granted. It is populated for Amazon S3 bucket
// findings.
Sources []*FindingSource `locationName:"sources" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ExternalAccessDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ExternalAccessDetails) GoString() string {
return s.String()
}
// SetAction sets the Action field's value.
func (s *ExternalAccessDetails) SetAction(v []*string) *ExternalAccessDetails {
s.Action = v
return s
}
// SetCondition sets the Condition field's value.
func (s *ExternalAccessDetails) SetCondition(v map[string]*string) *ExternalAccessDetails {
s.Condition = v
return s
}
// SetIsPublic sets the IsPublic field's value.
func (s *ExternalAccessDetails) SetIsPublic(v bool) *ExternalAccessDetails {
s.IsPublic = &v
return s
}
// SetPrincipal sets the Principal field's value.
func (s *ExternalAccessDetails) SetPrincipal(v map[string]*string) *ExternalAccessDetails {
s.Principal = v
return s
}
// SetSources sets the Sources field's value.
func (s *ExternalAccessDetails) SetSources(v []*FindingSource) *ExternalAccessDetails {
s.Sources = v
return s
}
// Contains information about a finding.
type Finding struct {
_ struct{} `type:"structure"`
// The action in the analyzed policy statement that an external principal has
// permission to use.
Action []*string `locationName:"action" type:"list"`
// The time at which the resource was analyzed.
//
// AnalyzedAt is a required field
AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The condition in the analyzed policy statement that resulted in a finding.
//
// Condition is a required field
Condition map[string]*string `locationName:"condition" type:"map" required:"true"`
// The time at which the finding was generated.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// An error.
Error *string `locationName:"error" type:"string"`
// The ID of the finding.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
// Indicates whether the policy that generated the finding allows public access
// to the resource.
IsPublic *bool `locationName:"isPublic" type:"boolean"`
// The external principal that has access to a resource within the zone of trust.
Principal map[string]*string `locationName:"principal" type:"map"`
// The resource that an external principal has access to.
Resource *string `locationName:"resource" type:"string"`
// The Amazon Web Services account ID that owns the resource.
//
// ResourceOwnerAccount is a required field
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`
// The type of the resource identified in the finding.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
// The sources of the finding. This indicates how the access that generated
// the finding is granted. It is populated for Amazon S3 bucket findings.
Sources []*FindingSource `locationName:"sources" type:"list"`
// The current status of the finding.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`
// The time at which the finding was updated.
//
// UpdatedAt is a required field
UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Finding) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Finding) GoString() string {
return s.String()
}
// SetAction sets the Action field's value.
func (s *Finding) SetAction(v []*string) *Finding {
s.Action = v
return s
}
// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *Finding) SetAnalyzedAt(v time.Time) *Finding {
s.AnalyzedAt = &v
return s
}
// SetCondition sets the Condition field's value.
func (s *Finding) SetCondition(v map[string]*string) *Finding {
s.Condition = v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *Finding) SetCreatedAt(v time.Time) *Finding {
s.CreatedAt = &v
return s
}
// SetError sets the Error field's value.
func (s *Finding) SetError(v string) *Finding {
s.Error = &v
return s
}
// SetId sets the Id field's value.
func (s *Finding) SetId(v string) *Finding {
s.Id = &v
return s
}
// SetIsPublic sets the IsPublic field's value.
func (s *Finding) SetIsPublic(v bool) *Finding {
s.IsPublic = &v
return s
}
// SetPrincipal sets the Principal field's value.
func (s *Finding) SetPrincipal(v map[string]*string) *Finding {
s.Principal = v
return s
}
// SetResource sets the Resource field's value.
func (s *Finding) SetResource(v string) *Finding {
s.Resource = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *Finding) SetResourceOwnerAccount(v string) *Finding {
s.ResourceOwnerAccount = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *Finding) SetResourceType(v string) *Finding {
s.ResourceType = &v
return s
}
// SetSources sets the Sources field's value.
func (s *Finding) SetSources(v []*FindingSource) *Finding {
s.Sources = v
return s
}
// SetStatus sets the Status field's value.
func (s *Finding) SetStatus(v string) *Finding {
s.Status = &v
return s
}
// SetUpdatedAt sets the UpdatedAt field's value.
func (s *Finding) SetUpdatedAt(v time.Time) *Finding {
s.UpdatedAt = &v
return s
}
// Contains information about an external access or unused access finding. Only
// one parameter can be used in a FindingDetails object.
type FindingDetails struct {
_ struct{} `type:"structure"`
// The details for an external access analyzer finding.
ExternalAccessDetails *ExternalAccessDetails `locationName:"externalAccessDetails" type:"structure"`
// The details for an unused access analyzer finding with an unused IAM role
// finding type.
UnusedIamRoleDetails *UnusedIamRoleDetails `locationName:"unusedIamRoleDetails" type:"structure"`
// The details for an unused access analyzer finding with an unused IAM user
// access key finding type.
UnusedIamUserAccessKeyDetails *UnusedIamUserAccessKeyDetails `locationName:"unusedIamUserAccessKeyDetails" type:"structure"`
// The details for an unused access analyzer finding with an unused IAM user
// password finding type.
UnusedIamUserPasswordDetails *UnusedIamUserPasswordDetails `locationName:"unusedIamUserPasswordDetails" type:"structure"`
// The details for an unused access analyzer finding with an unused permission
// finding type.
UnusedPermissionDetails *UnusedPermissionDetails `locationName:"unusedPermissionDetails" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingDetails) GoString() string {
return s.String()
}
// SetExternalAccessDetails sets the ExternalAccessDetails field's value.
func (s *FindingDetails) SetExternalAccessDetails(v *ExternalAccessDetails) *FindingDetails {
s.ExternalAccessDetails = v
return s
}
// SetUnusedIamRoleDetails sets the UnusedIamRoleDetails field's value.
func (s *FindingDetails) SetUnusedIamRoleDetails(v *UnusedIamRoleDetails) *FindingDetails {
s.UnusedIamRoleDetails = v
return s
}
// SetUnusedIamUserAccessKeyDetails sets the UnusedIamUserAccessKeyDetails field's value.
func (s *FindingDetails) SetUnusedIamUserAccessKeyDetails(v *UnusedIamUserAccessKeyDetails) *FindingDetails {
s.UnusedIamUserAccessKeyDetails = v
return s
}
// SetUnusedIamUserPasswordDetails sets the UnusedIamUserPasswordDetails field's value.
func (s *FindingDetails) SetUnusedIamUserPasswordDetails(v *UnusedIamUserPasswordDetails) *FindingDetails {
s.UnusedIamUserPasswordDetails = v
return s
}
// SetUnusedPermissionDetails sets the UnusedPermissionDetails field's value.
func (s *FindingDetails) SetUnusedPermissionDetails(v *UnusedPermissionDetails) *FindingDetails {
s.UnusedPermissionDetails = v
return s
}
// The source of the finding. This indicates how the access that generated the
// finding is granted. It is populated for Amazon S3 bucket findings.
type FindingSource struct {
_ struct{} `type:"structure"`
// Includes details about how the access that generated the finding is granted.
// This is populated for Amazon S3 bucket findings.
Detail *FindingSourceDetail `locationName:"detail" type:"structure"`
// Indicates the type of access that generated the finding.
//
// Type is a required field
Type *string `locationName:"type" type:"string" required:"true" enum:"FindingSourceType"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSource) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSource) GoString() string {
return s.String()
}
// SetDetail sets the Detail field's value.
func (s *FindingSource) SetDetail(v *FindingSourceDetail) *FindingSource {
s.Detail = v
return s
}
// SetType sets the Type field's value.
func (s *FindingSource) SetType(v string) *FindingSource {
s.Type = &v
return s
}
// Includes details about how the access that generated the finding is granted.
// This is populated for Amazon S3 bucket findings.
type FindingSourceDetail struct {
_ struct{} `type:"structure"`
// The account of the cross-account access point that generated the finding.
AccessPointAccount *string `locationName:"accessPointAccount" type:"string"`
// The ARN of the access point that generated the finding. The ARN format depends
// on whether the ARN represents an access point or a multi-region access point.
AccessPointArn *string `locationName:"accessPointArn" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSourceDetail) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSourceDetail) GoString() string {
return s.String()
}
// SetAccessPointAccount sets the AccessPointAccount field's value.
func (s *FindingSourceDetail) SetAccessPointAccount(v string) *FindingSourceDetail {
s.AccessPointAccount = &v
return s
}
// SetAccessPointArn sets the AccessPointArn field's value.
func (s *FindingSourceDetail) SetAccessPointArn(v string) *FindingSourceDetail {
s.AccessPointArn = &v
return s
}
// Contains information about a finding.
type FindingSummary struct {
_ struct{} `type:"structure"`
// The action in the analyzed policy statement that an external principal has
// permission to use.
Action []*string `locationName:"action" type:"list"`
// The time at which the resource-based policy that generated the finding was
// analyzed.
//
// AnalyzedAt is a required field
AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The condition in the analyzed policy statement that resulted in a finding.
//
// Condition is a required field
Condition map[string]*string `locationName:"condition" type:"map" required:"true"`
// The time at which the finding was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The error that resulted in an Error finding.
Error *string `locationName:"error" type:"string"`
// The ID of the finding.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
// Indicates whether the finding reports a resource that has a policy that allows
// public access.
IsPublic *bool `locationName:"isPublic" type:"boolean"`
// The external principal that has access to a resource within the zone of trust.
Principal map[string]*string `locationName:"principal" type:"map"`
// The resource that the external principal has access to.
Resource *string `locationName:"resource" type:"string"`
// The Amazon Web Services account ID that owns the resource.
//
// ResourceOwnerAccount is a required field
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`
// The type of the resource that the external principal has access to.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
// The sources of the finding. This indicates how the access that generated
// the finding is granted. It is populated for Amazon S3 bucket findings.
Sources []*FindingSource `locationName:"sources" type:"list"`
// The status of the finding.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`
// The time at which the finding was most recently updated.
//
// UpdatedAt is a required field
UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummary) GoString() string {
return s.String()
}
// SetAction sets the Action field's value.
func (s *FindingSummary) SetAction(v []*string) *FindingSummary {
s.Action = v
return s
}
// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *FindingSummary) SetAnalyzedAt(v time.Time) *FindingSummary {
s.AnalyzedAt = &v
return s
}
// SetCondition sets the Condition field's value.
func (s *FindingSummary) SetCondition(v map[string]*string) *FindingSummary {
s.Condition = v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *FindingSummary) SetCreatedAt(v time.Time) *FindingSummary {
s.CreatedAt = &v
return s
}
// SetError sets the Error field's value.
func (s *FindingSummary) SetError(v string) *FindingSummary {
s.Error = &v
return s
}
// SetId sets the Id field's value.
func (s *FindingSummary) SetId(v string) *FindingSummary {
s.Id = &v
return s
}
// SetIsPublic sets the IsPublic field's value.
func (s *FindingSummary) SetIsPublic(v bool) *FindingSummary {
s.IsPublic = &v
return s
}
// SetPrincipal sets the Principal field's value.
func (s *FindingSummary) SetPrincipal(v map[string]*string) *FindingSummary {
s.Principal = v
return s
}
// SetResource sets the Resource field's value.
func (s *FindingSummary) SetResource(v string) *FindingSummary {
s.Resource = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *FindingSummary) SetResourceOwnerAccount(v string) *FindingSummary {
s.ResourceOwnerAccount = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *FindingSummary) SetResourceType(v string) *FindingSummary {
s.ResourceType = &v
return s
}
// SetSources sets the Sources field's value.
func (s *FindingSummary) SetSources(v []*FindingSource) *FindingSummary {
s.Sources = v
return s
}
// SetStatus sets the Status field's value.
func (s *FindingSummary) SetStatus(v string) *FindingSummary {
s.Status = &v
return s
}
// SetUpdatedAt sets the UpdatedAt field's value.
func (s *FindingSummary) SetUpdatedAt(v time.Time) *FindingSummary {
s.UpdatedAt = &v
return s
}
// Contains information about a finding.
type FindingSummaryV2 struct {
_ struct{} `type:"structure"`
// The time at which the resource-based policy or IAM entity that generated
// the finding was analyzed.
//
// AnalyzedAt is a required field
AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The time at which the finding was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The error that resulted in an Error finding.
Error *string `locationName:"error" type:"string"`
// The type of the external access or unused access finding.
FindingType *string `locationName:"findingType" type:"string" enum:"FindingType"`
// The ID of the finding.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
// The resource that the external principal has access to.
Resource *string `locationName:"resource" type:"string"`
// The Amazon Web Services account ID that owns the resource.
//
// ResourceOwnerAccount is a required field
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`
// The type of the resource that the external principal has access to.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
// The status of the finding.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`
// The time at which the finding was most recently updated.
//
// UpdatedAt is a required field
UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummaryV2) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s FindingSummaryV2) GoString() string {
return s.String()
}
// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *FindingSummaryV2) SetAnalyzedAt(v time.Time) *FindingSummaryV2 {
s.AnalyzedAt = &v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *FindingSummaryV2) SetCreatedAt(v time.Time) *FindingSummaryV2 {
s.CreatedAt = &v
return s
}
// SetError sets the Error field's value.
func (s *FindingSummaryV2) SetError(v string) *FindingSummaryV2 {
s.Error = &v
return s
}
// SetFindingType sets the FindingType field's value.
func (s *FindingSummaryV2) SetFindingType(v string) *FindingSummaryV2 {
s.FindingType = &v
return s
}
// SetId sets the Id field's value.
func (s *FindingSummaryV2) SetId(v string) *FindingSummaryV2 {
s.Id = &v
return s
}
// SetResource sets the Resource field's value.
func (s *FindingSummaryV2) SetResource(v string) *FindingSummaryV2 {
s.Resource = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *FindingSummaryV2) SetResourceOwnerAccount(v string) *FindingSummaryV2 {
s.ResourceOwnerAccount = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *FindingSummaryV2) SetResourceType(v string) *FindingSummaryV2 {
s.ResourceType = &v
return s
}
// SetStatus sets the Status field's value.
func (s *FindingSummaryV2) SetStatus(v string) *FindingSummaryV2 {
s.Status = &v
return s
}
// SetUpdatedAt sets the UpdatedAt field's value.
func (s *FindingSummaryV2) SetUpdatedAt(v time.Time) *FindingSummaryV2 {
s.UpdatedAt = &v
return s
}
type GenerateFindingRecommendationInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// used to generate the finding recommendation.
//
// AnalyzerArn is a required field
AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
// The unique ID for the finding recommendation.
//
// Id is a required field
Id *string `location:"uri" locationName:"id" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GenerateFindingRecommendationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GenerateFindingRecommendationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GenerateFindingRecommendationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GenerateFindingRecommendationInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Id == nil {
invalidParams.Add(request.NewErrParamRequired("Id"))
}
if s.Id != nil && len(*s.Id) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Id", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GenerateFindingRecommendationInput) SetAnalyzerArn(v string) *GenerateFindingRecommendationInput {
s.AnalyzerArn = &v
return s
}
// SetId sets the Id field's value.
func (s *GenerateFindingRecommendationInput) SetId(v string) *GenerateFindingRecommendationInput {
s.Id = &v
return s
}
type GenerateFindingRecommendationOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GenerateFindingRecommendationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GenerateFindingRecommendationOutput) GoString() string {
return s.String()
}
// Contains the text for the generated policy.
type GeneratedPolicy struct {
_ struct{} `type:"structure"`
// The text to use as the content for the new policy. The policy is created
// using the CreatePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html)
// action.
//
// Policy is a required field
Policy *string `locationName:"policy" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicy) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicy) GoString() string {
return s.String()
}
// SetPolicy sets the Policy field's value.
func (s *GeneratedPolicy) SetPolicy(v string) *GeneratedPolicy {
s.Policy = &v
return s
}
// Contains the generated policy details.
type GeneratedPolicyProperties struct {
_ struct{} `type:"structure"`
// Lists details about the Trail used to generated policy.
CloudTrailProperties *CloudTrailProperties `locationName:"cloudTrailProperties" type:"structure"`
// This value is set to true if the generated policy contains all possible actions
// for a service that IAM Access Analyzer identified from the CloudTrail trail
// that you specified, and false otherwise.
IsComplete *bool `locationName:"isComplete" type:"boolean"`
// The ARN of the IAM entity (user or role) for which you are generating a policy.
//
// PrincipalArn is a required field
PrincipalArn *string `locationName:"principalArn" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyProperties) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyProperties) GoString() string {
return s.String()
}
// SetCloudTrailProperties sets the CloudTrailProperties field's value.
func (s *GeneratedPolicyProperties) SetCloudTrailProperties(v *CloudTrailProperties) *GeneratedPolicyProperties {
s.CloudTrailProperties = v
return s
}
// SetIsComplete sets the IsComplete field's value.
func (s *GeneratedPolicyProperties) SetIsComplete(v bool) *GeneratedPolicyProperties {
s.IsComplete = &v
return s
}
// SetPrincipalArn sets the PrincipalArn field's value.
func (s *GeneratedPolicyProperties) SetPrincipalArn(v string) *GeneratedPolicyProperties {
s.PrincipalArn = &v
return s
}
// Contains the text for the generated policy and its details.
type GeneratedPolicyResult struct {
_ struct{} `type:"structure"`
// The text to use as the content for the new policy. The policy is created
// using the CreatePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html)
// action.
GeneratedPolicies []*GeneratedPolicy `locationName:"generatedPolicies" type:"list"`
// A GeneratedPolicyProperties object that contains properties of the generated
// policy.
//
// Properties is a required field
Properties *GeneratedPolicyProperties `locationName:"properties" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyResult) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GeneratedPolicyResult) GoString() string {
return s.String()
}
// SetGeneratedPolicies sets the GeneratedPolicies field's value.
func (s *GeneratedPolicyResult) SetGeneratedPolicies(v []*GeneratedPolicy) *GeneratedPolicyResult {
s.GeneratedPolicies = v
return s
}
// SetProperties sets the Properties field's value.
func (s *GeneratedPolicyResult) SetProperties(v *GeneratedPolicyProperties) *GeneratedPolicyResult {
s.Properties = v
return s
}
type GetAccessPreviewInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The unique ID for the access preview.
//
// AccessPreviewId is a required field
AccessPreviewId *string `location:"uri" locationName:"accessPreviewId" type:"string" required:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// used to generate the access preview.
//
// AnalyzerArn is a required field
AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetAccessPreviewInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetAccessPreviewInput"}
if s.AccessPreviewId == nil {
invalidParams.Add(request.NewErrParamRequired("AccessPreviewId"))
}
if s.AccessPreviewId != nil && len(*s.AccessPreviewId) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AccessPreviewId", 1))
}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccessPreviewId sets the AccessPreviewId field's value.
func (s *GetAccessPreviewInput) SetAccessPreviewId(v string) *GetAccessPreviewInput {
s.AccessPreviewId = &v
return s
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetAccessPreviewInput) SetAnalyzerArn(v string) *GetAccessPreviewInput {
s.AnalyzerArn = &v
return s
}
type GetAccessPreviewOutput struct {
_ struct{} `type:"structure"`
// An object that contains information about the access preview.
//
// AccessPreview is a required field
AccessPreview *AccessPreview `locationName:"accessPreview" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAccessPreviewOutput) GoString() string {
return s.String()
}
// SetAccessPreview sets the AccessPreview field's value.
func (s *GetAccessPreviewOutput) SetAccessPreview(v *AccessPreview) *GetAccessPreviewOutput {
s.AccessPreview = v
return s
}
// Retrieves an analyzed resource.
type GetAnalyzedResourceInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// to retrieve information from.
//
// AnalyzerArn is a required field
AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
// The ARN of the resource to retrieve information about.
//
// ResourceArn is a required field
ResourceArn *string `location:"querystring" locationName:"resourceArn" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetAnalyzedResourceInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetAnalyzedResourceInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.ResourceArn == nil {
invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetAnalyzedResourceInput) SetAnalyzerArn(v string) *GetAnalyzedResourceInput {
s.AnalyzerArn = &v
return s
}
// SetResourceArn sets the ResourceArn field's value.
func (s *GetAnalyzedResourceInput) SetResourceArn(v string) *GetAnalyzedResourceInput {
s.ResourceArn = &v
return s
}
// The response to the request.
type GetAnalyzedResourceOutput struct {
_ struct{} `type:"structure"`
// An AnalyzedResource object that contains information that IAM Access Analyzer
// found when it analyzed the resource.
Resource *AnalyzedResource `locationName:"resource" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzedResourceOutput) GoString() string {
return s.String()
}
// SetResource sets the Resource field's value.
func (s *GetAnalyzedResourceOutput) SetResource(v *AnalyzedResource) *GetAnalyzedResourceOutput {
s.Resource = v
return s
}
// Retrieves an analyzer.
type GetAnalyzerInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The name of the analyzer retrieved.
//
// AnalyzerName is a required field
AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetAnalyzerInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetAnalyzerInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *GetAnalyzerInput) SetAnalyzerName(v string) *GetAnalyzerInput {
s.AnalyzerName = &v
return s
}
// The response to the request.
type GetAnalyzerOutput struct {
_ struct{} `type:"structure"`
// An AnalyzerSummary object that contains information about the analyzer.
//
// Analyzer is a required field
Analyzer *AnalyzerSummary `locationName:"analyzer" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetAnalyzerOutput) GoString() string {
return s.String()
}
// SetAnalyzer sets the Analyzer field's value.
func (s *GetAnalyzerOutput) SetAnalyzer(v *AnalyzerSummary) *GetAnalyzerOutput {
s.Analyzer = v
return s
}
// Retrieves an archive rule.
type GetArchiveRuleInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The name of the analyzer to retrieve rules from.
//
// AnalyzerName is a required field
AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
// The name of the rule to retrieve.
//
// RuleName is a required field
RuleName *string `location:"uri" locationName:"ruleName" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetArchiveRuleInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetArchiveRuleInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if s.RuleName == nil {
invalidParams.Add(request.NewErrParamRequired("RuleName"))
}
if s.RuleName != nil && len(*s.RuleName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *GetArchiveRuleInput) SetAnalyzerName(v string) *GetArchiveRuleInput {
s.AnalyzerName = &v
return s
}
// SetRuleName sets the RuleName field's value.
func (s *GetArchiveRuleInput) SetRuleName(v string) *GetArchiveRuleInput {
s.RuleName = &v
return s
}
// The response to the request.
type GetArchiveRuleOutput struct {
_ struct{} `type:"structure"`
// Contains information about an archive rule.
//
// ArchiveRule is a required field
ArchiveRule *ArchiveRuleSummary `locationName:"archiveRule" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetArchiveRuleOutput) GoString() string {
return s.String()
}
// SetArchiveRule sets the ArchiveRule field's value.
func (s *GetArchiveRuleOutput) SetArchiveRule(v *ArchiveRuleSummary) *GetArchiveRuleOutput {
s.ArchiveRule = v
return s
}
// Retrieves a finding.
type GetFindingInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// that generated the finding.
//
// AnalyzerArn is a required field
AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
// The ID of the finding to retrieve.
//
// Id is a required field
Id *string `location:"uri" locationName:"id" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetFindingInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetFindingInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Id == nil {
invalidParams.Add(request.NewErrParamRequired("Id"))
}
if s.Id != nil && len(*s.Id) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Id", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetFindingInput) SetAnalyzerArn(v string) *GetFindingInput {
s.AnalyzerArn = &v
return s
}
// SetId sets the Id field's value.
func (s *GetFindingInput) SetId(v string) *GetFindingInput {
s.Id = &v
return s
}
// The response to the request.
type GetFindingOutput struct {
_ struct{} `type:"structure"`
// A finding object that contains finding details.
Finding *Finding `locationName:"finding" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingOutput) GoString() string {
return s.String()
}
// SetFinding sets the Finding field's value.
func (s *GetFindingOutput) SetFinding(v *Finding) *GetFindingOutput {
s.Finding = v
return s
}
type GetFindingRecommendationInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// used to generate the finding recommendation.
//
// AnalyzerArn is a required field
AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
// The unique ID for the finding recommendation.
//
// Id is a required field
Id *string `location:"uri" locationName:"id" min:"1" type:"string" required:"true"`
// The maximum number of results to return in the response.
MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingRecommendationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingRecommendationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetFindingRecommendationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetFindingRecommendationInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Id == nil {
invalidParams.Add(request.NewErrParamRequired("Id"))
}
if s.Id != nil && len(*s.Id) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Id", 1))
}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetFindingRecommendationInput) SetAnalyzerArn(v string) *GetFindingRecommendationInput {
s.AnalyzerArn = &v
return s
}
// SetId sets the Id field's value.
func (s *GetFindingRecommendationInput) SetId(v string) *GetFindingRecommendationInput {
s.Id = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *GetFindingRecommendationInput) SetMaxResults(v int64) *GetFindingRecommendationInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *GetFindingRecommendationInput) SetNextToken(v string) *GetFindingRecommendationInput {
s.NextToken = &v
return s
}
type GetFindingRecommendationOutput struct {
_ struct{} `type:"structure"`
// The time at which the retrieval of the finding recommendation was completed.
CompletedAt *time.Time `locationName:"completedAt" type:"timestamp" timestampFormat:"iso8601"`
// Detailed information about the reason that the retrieval of a recommendation
// for the finding failed.
Error *RecommendationError `locationName:"error" type:"structure"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
// The type of recommendation for the finding.
//
// RecommendationType is a required field
RecommendationType *string `locationName:"recommendationType" type:"string" required:"true" enum:"RecommendationType"`
// A group of recommended steps for the finding.
RecommendedSteps []*RecommendedStep `locationName:"recommendedSteps" type:"list"`
// The ARN of the resource of the finding.
//
// ResourceArn is a required field
ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"`
// The time at which the retrieval of the finding recommendation was started.
//
// StartedAt is a required field
StartedAt *time.Time `locationName:"startedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The status of the retrieval of the finding recommendation.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"Status"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingRecommendationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingRecommendationOutput) GoString() string {
return s.String()
}
// SetCompletedAt sets the CompletedAt field's value.
func (s *GetFindingRecommendationOutput) SetCompletedAt(v time.Time) *GetFindingRecommendationOutput {
s.CompletedAt = &v
return s
}
// SetError sets the Error field's value.
func (s *GetFindingRecommendationOutput) SetError(v *RecommendationError) *GetFindingRecommendationOutput {
s.Error = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *GetFindingRecommendationOutput) SetNextToken(v string) *GetFindingRecommendationOutput {
s.NextToken = &v
return s
}
// SetRecommendationType sets the RecommendationType field's value.
func (s *GetFindingRecommendationOutput) SetRecommendationType(v string) *GetFindingRecommendationOutput {
s.RecommendationType = &v
return s
}
// SetRecommendedSteps sets the RecommendedSteps field's value.
func (s *GetFindingRecommendationOutput) SetRecommendedSteps(v []*RecommendedStep) *GetFindingRecommendationOutput {
s.RecommendedSteps = v
return s
}
// SetResourceArn sets the ResourceArn field's value.
func (s *GetFindingRecommendationOutput) SetResourceArn(v string) *GetFindingRecommendationOutput {
s.ResourceArn = &v
return s
}
// SetStartedAt sets the StartedAt field's value.
func (s *GetFindingRecommendationOutput) SetStartedAt(v time.Time) *GetFindingRecommendationOutput {
s.StartedAt = &v
return s
}
// SetStatus sets the Status field's value.
func (s *GetFindingRecommendationOutput) SetStatus(v string) *GetFindingRecommendationOutput {
s.Status = &v
return s
}
type GetFindingV2Input struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// that generated the finding.
//
// AnalyzerArn is a required field
AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
// The ID of the finding to retrieve.
//
// Id is a required field
Id *string `location:"uri" locationName:"id" type:"string" required:"true"`
// The maximum number of results to return in the response.
MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Input) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Input) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetFindingV2Input) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetFindingV2Input"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Id == nil {
invalidParams.Add(request.NewErrParamRequired("Id"))
}
if s.Id != nil && len(*s.Id) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Id", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *GetFindingV2Input) SetAnalyzerArn(v string) *GetFindingV2Input {
s.AnalyzerArn = &v
return s
}
// SetId sets the Id field's value.
func (s *GetFindingV2Input) SetId(v string) *GetFindingV2Input {
s.Id = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *GetFindingV2Input) SetMaxResults(v int64) *GetFindingV2Input {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *GetFindingV2Input) SetNextToken(v string) *GetFindingV2Input {
s.NextToken = &v
return s
}
type GetFindingV2Output struct {
_ struct{} `type:"structure"`
// The time at which the resource-based policy or IAM entity that generated
// the finding was analyzed.
//
// AnalyzedAt is a required field
AnalyzedAt *time.Time `locationName:"analyzedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The time at which the finding was created.
//
// CreatedAt is a required field
CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// An error.
Error *string `locationName:"error" type:"string"`
// A localized message that explains the finding and provides guidance on how
// to address it.
//
// FindingDetails is a required field
FindingDetails []*FindingDetails `locationName:"findingDetails" type:"list" required:"true"`
// The type of the finding. For external access analyzers, the type is ExternalAccess.
// For unused access analyzers, the type can be UnusedIAMRole, UnusedIAMUserAccessKey,
// UnusedIAMUserPassword, or UnusedPermission.
FindingType *string `locationName:"findingType" type:"string" enum:"FindingType"`
// The ID of the finding to retrieve.
//
// Id is a required field
Id *string `locationName:"id" type:"string" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
// The resource that generated the finding.
Resource *string `locationName:"resource" type:"string"`
// Tye Amazon Web Services account ID that owns the resource.
//
// ResourceOwnerAccount is a required field
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string" required:"true"`
// The type of the resource identified in the finding.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
// The status of the finding.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatus"`
// The time at which the finding was updated.
//
// UpdatedAt is a required field
UpdatedAt *time.Time `locationName:"updatedAt" type:"timestamp" timestampFormat:"iso8601" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Output) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetFindingV2Output) GoString() string {
return s.String()
}
// SetAnalyzedAt sets the AnalyzedAt field's value.
func (s *GetFindingV2Output) SetAnalyzedAt(v time.Time) *GetFindingV2Output {
s.AnalyzedAt = &v
return s
}
// SetCreatedAt sets the CreatedAt field's value.
func (s *GetFindingV2Output) SetCreatedAt(v time.Time) *GetFindingV2Output {
s.CreatedAt = &v
return s
}
// SetError sets the Error field's value.
func (s *GetFindingV2Output) SetError(v string) *GetFindingV2Output {
s.Error = &v
return s
}
// SetFindingDetails sets the FindingDetails field's value.
func (s *GetFindingV2Output) SetFindingDetails(v []*FindingDetails) *GetFindingV2Output {
s.FindingDetails = v
return s
}
// SetFindingType sets the FindingType field's value.
func (s *GetFindingV2Output) SetFindingType(v string) *GetFindingV2Output {
s.FindingType = &v
return s
}
// SetId sets the Id field's value.
func (s *GetFindingV2Output) SetId(v string) *GetFindingV2Output {
s.Id = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *GetFindingV2Output) SetNextToken(v string) *GetFindingV2Output {
s.NextToken = &v
return s
}
// SetResource sets the Resource field's value.
func (s *GetFindingV2Output) SetResource(v string) *GetFindingV2Output {
s.Resource = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *GetFindingV2Output) SetResourceOwnerAccount(v string) *GetFindingV2Output {
s.ResourceOwnerAccount = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *GetFindingV2Output) SetResourceType(v string) *GetFindingV2Output {
s.ResourceType = &v
return s
}
// SetStatus sets the Status field's value.
func (s *GetFindingV2Output) SetStatus(v string) *GetFindingV2Output {
s.Status = &v
return s
}
// SetUpdatedAt sets the UpdatedAt field's value.
func (s *GetFindingV2Output) SetUpdatedAt(v time.Time) *GetFindingV2Output {
s.UpdatedAt = &v
return s
}
type GetGeneratedPolicyInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The level of detail that you want to generate. You can specify whether to
// generate policies with placeholders for resource ARNs for actions that support
// resource level granularity in policies.
//
// For example, in the resource section of a policy, you can receive a placeholder
// such as "Resource":"arn:aws:s3:::${BucketName}" instead of "*".
IncludeResourcePlaceholders *bool `location:"querystring" locationName:"includeResourcePlaceholders" type:"boolean"`
// The level of detail that you want to generate. You can specify whether to
// generate service-level policies.
//
// IAM Access Analyzer uses iam:servicelastaccessed to identify services that
// have been used recently to create this service-level template.
IncludeServiceLevelTemplate *bool `location:"querystring" locationName:"includeServiceLevelTemplate" type:"boolean"`
// The JobId that is returned by the StartPolicyGeneration operation. The JobId
// can be used with GetGeneratedPolicy to retrieve the generated policies or
// used with CancelPolicyGeneration to cancel the policy generation request.
//
// JobId is a required field
JobId *string `location:"uri" locationName:"jobId" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *GetGeneratedPolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "GetGeneratedPolicyInput"}
if s.JobId == nil {
invalidParams.Add(request.NewErrParamRequired("JobId"))
}
if s.JobId != nil && len(*s.JobId) < 1 {
invalidParams.Add(request.NewErrParamMinLen("JobId", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetIncludeResourcePlaceholders sets the IncludeResourcePlaceholders field's value.
func (s *GetGeneratedPolicyInput) SetIncludeResourcePlaceholders(v bool) *GetGeneratedPolicyInput {
s.IncludeResourcePlaceholders = &v
return s
}
// SetIncludeServiceLevelTemplate sets the IncludeServiceLevelTemplate field's value.
func (s *GetGeneratedPolicyInput) SetIncludeServiceLevelTemplate(v bool) *GetGeneratedPolicyInput {
s.IncludeServiceLevelTemplate = &v
return s
}
// SetJobId sets the JobId field's value.
func (s *GetGeneratedPolicyInput) SetJobId(v string) *GetGeneratedPolicyInput {
s.JobId = &v
return s
}
type GetGeneratedPolicyOutput struct {
_ struct{} `type:"structure"`
// A GeneratedPolicyResult object that contains the generated policies and associated
// details.
//
// GeneratedPolicyResult is a required field
GeneratedPolicyResult *GeneratedPolicyResult `locationName:"generatedPolicyResult" type:"structure" required:"true"`
// A GeneratedPolicyDetails object that contains details about the generated
// policy.
//
// JobDetails is a required field
JobDetails *JobDetails `locationName:"jobDetails" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s GetGeneratedPolicyOutput) GoString() string {
return s.String()
}
// SetGeneratedPolicyResult sets the GeneratedPolicyResult field's value.
func (s *GetGeneratedPolicyOutput) SetGeneratedPolicyResult(v *GeneratedPolicyResult) *GetGeneratedPolicyOutput {
s.GeneratedPolicyResult = v
return s
}
// SetJobDetails sets the JobDetails field's value.
func (s *GetGeneratedPolicyOutput) SetJobDetails(v *JobDetails) *GetGeneratedPolicyOutput {
s.JobDetails = v
return s
}
// The proposed access control configuration for an IAM role. You can propose
// a configuration for a new IAM role or an existing IAM role that you own by
// specifying the trust policy. If the configuration is for a new IAM role,
// you must specify the trust policy. If the configuration is for an existing
// IAM role that you own and you do not propose the trust policy, the access
// preview uses the existing trust policy for the role. The proposed trust policy
// cannot be an empty string. For more information about role trust policy limits,
// see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html).
type IamRoleConfiguration struct {
_ struct{} `type:"structure"`
// The proposed trust policy for the IAM role.
TrustPolicy *string `locationName:"trustPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s IamRoleConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s IamRoleConfiguration) GoString() string {
return s.String()
}
// SetTrustPolicy sets the TrustPolicy field's value.
func (s *IamRoleConfiguration) SetTrustPolicy(v string) *IamRoleConfiguration {
s.TrustPolicy = &v
return s
}
// An criterion statement in an archive rule. Each archive rule may have multiple
// criteria.
type InlineArchiveRule struct {
_ struct{} `type:"structure"`
// The condition and values for a criterion.
//
// Filter is a required field
Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`
// The name of the rule.
//
// RuleName is a required field
RuleName *string `locationName:"ruleName" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InlineArchiveRule) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InlineArchiveRule) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *InlineArchiveRule) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "InlineArchiveRule"}
if s.Filter == nil {
invalidParams.Add(request.NewErrParamRequired("Filter"))
}
if s.RuleName == nil {
invalidParams.Add(request.NewErrParamRequired("RuleName"))
}
if s.RuleName != nil && len(*s.RuleName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
}
if s.Filter != nil {
for i, v := range s.Filter {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetFilter sets the Filter field's value.
func (s *InlineArchiveRule) SetFilter(v map[string]*Criterion) *InlineArchiveRule {
s.Filter = v
return s
}
// SetRuleName sets the RuleName field's value.
func (s *InlineArchiveRule) SetRuleName(v string) *InlineArchiveRule {
s.RuleName = &v
return s
}
// Internal server error.
type InternalServerException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
// The seconds to wait to retry.
RetryAfterSeconds *int64 `location:"header" locationName:"Retry-After" type:"integer"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternalServerException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternalServerException) GoString() string {
return s.String()
}
func newErrorInternalServerException(v protocol.ResponseMetadata) error {
return &InternalServerException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *InternalServerException) Code() string {
return "InternalServerException"
}
// Message returns the exception's message.
func (s *InternalServerException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InternalServerException) OrigErr() error {
return nil
}
func (s *InternalServerException) Error() string {
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}
// Status code returns the HTTP status code for the request's response error.
func (s *InternalServerException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *InternalServerException) RequestID() string {
return s.RespMetadata.RequestID
}
// This configuration sets the network origin for the Amazon S3 access point
// or multi-region access point to Internet.
type InternetConfiguration struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternetConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InternetConfiguration) GoString() string {
return s.String()
}
// The specified parameter is invalid.
type InvalidParameterException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidParameterException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidParameterException) GoString() string {
return s.String()
}
func newErrorInvalidParameterException(v protocol.ResponseMetadata) error {
return &InvalidParameterException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *InvalidParameterException) Code() string {
return "InvalidParameterException"
}
// Message returns the exception's message.
func (s *InvalidParameterException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidParameterException) OrigErr() error {
return nil
}
func (s *InvalidParameterException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
func (s *InvalidParameterException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *InvalidParameterException) RequestID() string {
return s.RespMetadata.RequestID
}
// Contains details about the policy generation request.
type JobDetails struct {
_ struct{} `type:"structure"`
// A timestamp of when the job was completed.
CompletedOn *time.Time `locationName:"completedOn" type:"timestamp" timestampFormat:"iso8601"`
// The job error for the policy generation request.
JobError *JobError `locationName:"jobError" type:"structure"`
// The JobId that is returned by the StartPolicyGeneration operation. The JobId
// can be used with GetGeneratedPolicy to retrieve the generated policies or
// used with CancelPolicyGeneration to cancel the policy generation request.
//
// JobId is a required field
JobId *string `locationName:"jobId" type:"string" required:"true"`
// A timestamp of when the job was started.
//
// StartedOn is a required field
StartedOn *time.Time `locationName:"startedOn" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The status of the job request.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"JobStatus"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobDetails) GoString() string {
return s.String()
}
// SetCompletedOn sets the CompletedOn field's value.
func (s *JobDetails) SetCompletedOn(v time.Time) *JobDetails {
s.CompletedOn = &v
return s
}
// SetJobError sets the JobError field's value.
func (s *JobDetails) SetJobError(v *JobError) *JobDetails {
s.JobError = v
return s
}
// SetJobId sets the JobId field's value.
func (s *JobDetails) SetJobId(v string) *JobDetails {
s.JobId = &v
return s
}
// SetStartedOn sets the StartedOn field's value.
func (s *JobDetails) SetStartedOn(v time.Time) *JobDetails {
s.StartedOn = &v
return s
}
// SetStatus sets the Status field's value.
func (s *JobDetails) SetStatus(v string) *JobDetails {
s.Status = &v
return s
}
// Contains the details about the policy generation error.
type JobError struct {
_ struct{} `type:"structure"`
// The job error code.
//
// Code is a required field
Code *string `locationName:"code" type:"string" required:"true" enum:"JobErrorCode"`
// Specific information about the error. For example, which service quota was
// exceeded or which resource was not found.
//
// Message is a required field
Message *string `locationName:"message" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobError) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s JobError) GoString() string {
return s.String()
}
// SetCode sets the Code field's value.
func (s *JobError) SetCode(v string) *JobError {
s.Code = &v
return s
}
// SetMessage sets the Message field's value.
func (s *JobError) SetMessage(v string) *JobError {
s.Message = &v
return s
}
// A proposed grant configuration for a KMS key. For more information, see CreateGrant
// (https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateGrant.html).
type KmsGrantConfiguration struct {
_ struct{} `type:"structure"`
// Use this structure to propose allowing cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
// in the grant only when the operation request includes the specified encryption
// context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context).
Constraints *KmsGrantConstraints `locationName:"constraints" type:"structure"`
// The principal that is given permission to perform the operations that the
// grant permits.
//
// GranteePrincipal is a required field
GranteePrincipal *string `locationName:"granteePrincipal" type:"string" required:"true"`
// The Amazon Web Services account under which the grant was issued. The account
// is used to propose KMS grants issued by accounts other than the owner of
// the key.
//
// IssuingAccount is a required field
IssuingAccount *string `locationName:"issuingAccount" type:"string" required:"true"`
// A list of operations that the grant permits.
//
// Operations is a required field
Operations []*string `locationName:"operations" type:"list" required:"true" enum:"KmsGrantOperation"`
// The principal that is given permission to retire the grant by using RetireGrant
// (https://docs.aws.amazon.com/kms/latest/APIReference/API_RetireGrant.html)
// operation.
RetiringPrincipal *string `locationName:"retiringPrincipal" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *KmsGrantConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "KmsGrantConfiguration"}
if s.GranteePrincipal == nil {
invalidParams.Add(request.NewErrParamRequired("GranteePrincipal"))
}
if s.IssuingAccount == nil {
invalidParams.Add(request.NewErrParamRequired("IssuingAccount"))
}
if s.Operations == nil {
invalidParams.Add(request.NewErrParamRequired("Operations"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetConstraints sets the Constraints field's value.
func (s *KmsGrantConfiguration) SetConstraints(v *KmsGrantConstraints) *KmsGrantConfiguration {
s.Constraints = v
return s
}
// SetGranteePrincipal sets the GranteePrincipal field's value.
func (s *KmsGrantConfiguration) SetGranteePrincipal(v string) *KmsGrantConfiguration {
s.GranteePrincipal = &v
return s
}
// SetIssuingAccount sets the IssuingAccount field's value.
func (s *KmsGrantConfiguration) SetIssuingAccount(v string) *KmsGrantConfiguration {
s.IssuingAccount = &v
return s
}
// SetOperations sets the Operations field's value.
func (s *KmsGrantConfiguration) SetOperations(v []*string) *KmsGrantConfiguration {
s.Operations = v
return s
}
// SetRetiringPrincipal sets the RetiringPrincipal field's value.
func (s *KmsGrantConfiguration) SetRetiringPrincipal(v string) *KmsGrantConfiguration {
s.RetiringPrincipal = &v
return s
}
// Use this structure to propose allowing cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
// in the grant only when the operation request includes the specified encryption
// context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context).
// You can specify only one type of encryption context. An empty map is treated
// as not specified. For more information, see GrantConstraints (https://docs.aws.amazon.com/kms/latest/APIReference/API_GrantConstraints.html).
type KmsGrantConstraints struct {
_ struct{} `type:"structure"`
// A list of key-value pairs that must match the encryption context in the cryptographic
// operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
// request. The grant allows the operation only when the encryption context
// in the request is the same as the encryption context specified in this constraint.
EncryptionContextEquals map[string]*string `locationName:"encryptionContextEquals" type:"map"`
// A list of key-value pairs that must be included in the encryption context
// of the cryptographic operation (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
// request. The grant allows the cryptographic operation only when the encryption
// context in the request includes the key-value pairs specified in this constraint,
// although it can include additional key-value pairs.
EncryptionContextSubset map[string]*string `locationName:"encryptionContextSubset" type:"map"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConstraints) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsGrantConstraints) GoString() string {
return s.String()
}
// SetEncryptionContextEquals sets the EncryptionContextEquals field's value.
func (s *KmsGrantConstraints) SetEncryptionContextEquals(v map[string]*string) *KmsGrantConstraints {
s.EncryptionContextEquals = v
return s
}
// SetEncryptionContextSubset sets the EncryptionContextSubset field's value.
func (s *KmsGrantConstraints) SetEncryptionContextSubset(v map[string]*string) *KmsGrantConstraints {
s.EncryptionContextSubset = v
return s
}
// Proposed access control configuration for a KMS key. You can propose a configuration
// for a new KMS key or an existing KMS key that you own by specifying the key
// policy and KMS grant configuration. If the configuration is for an existing
// key and you do not specify the key policy, the access preview uses the existing
// policy for the key. If the access preview is for a new resource and you do
// not specify the key policy, then the access preview uses the default key
// policy. The proposed key policy cannot be an empty string. For more information,
// see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default).
// For more information about key policy limits, see Resource quotas (https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html).
type KmsKeyConfiguration struct {
_ struct{} `type:"structure"`
// A list of proposed grant configurations for the KMS key. If the proposed
// grant configuration is for an existing key, the access preview uses the proposed
// list of grant configurations in place of the existing grants. Otherwise,
// the access preview uses the existing grants for the key.
Grants []*KmsGrantConfiguration `locationName:"grants" type:"list"`
// Resource policy configuration for the KMS key. The only valid value for the
// name of the key policy is default. For more information, see Default key
// policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default).
KeyPolicies map[string]*string `locationName:"keyPolicies" type:"map"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsKeyConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s KmsKeyConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *KmsKeyConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "KmsKeyConfiguration"}
if s.Grants != nil {
for i, v := range s.Grants {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Grants", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetGrants sets the Grants field's value.
func (s *KmsKeyConfiguration) SetGrants(v []*KmsGrantConfiguration) *KmsKeyConfiguration {
s.Grants = v
return s
}
// SetKeyPolicies sets the KeyPolicies field's value.
func (s *KmsKeyConfiguration) SetKeyPolicies(v map[string]*string) *KmsKeyConfiguration {
s.KeyPolicies = v
return s
}
type ListAccessPreviewFindingsInput struct {
_ struct{} `type:"structure"`
// The unique ID for the access preview.
//
// AccessPreviewId is a required field
AccessPreviewId *string `location:"uri" locationName:"accessPreviewId" type:"string" required:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// used to generate the access.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// Criteria to filter the returned findings.
Filter map[string]*Criterion `locationName:"filter" type:"map"`
// The maximum number of results to return in the response.
MaxResults *int64 `locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAccessPreviewFindingsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListAccessPreviewFindingsInput"}
if s.AccessPreviewId == nil {
invalidParams.Add(request.NewErrParamRequired("AccessPreviewId"))
}
if s.AccessPreviewId != nil && len(*s.AccessPreviewId) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AccessPreviewId", 1))
}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Filter != nil {
for i, v := range s.Filter {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccessPreviewId sets the AccessPreviewId field's value.
func (s *ListAccessPreviewFindingsInput) SetAccessPreviewId(v string) *ListAccessPreviewFindingsInput {
s.AccessPreviewId = &v
return s
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListAccessPreviewFindingsInput) SetAnalyzerArn(v string) *ListAccessPreviewFindingsInput {
s.AnalyzerArn = &v
return s
}
// SetFilter sets the Filter field's value.
func (s *ListAccessPreviewFindingsInput) SetFilter(v map[string]*Criterion) *ListAccessPreviewFindingsInput {
s.Filter = v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListAccessPreviewFindingsInput) SetMaxResults(v int64) *ListAccessPreviewFindingsInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewFindingsInput) SetNextToken(v string) *ListAccessPreviewFindingsInput {
s.NextToken = &v
return s
}
type ListAccessPreviewFindingsOutput struct {
_ struct{} `type:"structure"`
// A list of access preview findings that match the specified filter criteria.
//
// Findings is a required field
Findings []*AccessPreviewFinding `locationName:"findings" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewFindingsOutput) GoString() string {
return s.String()
}
// SetFindings sets the Findings field's value.
func (s *ListAccessPreviewFindingsOutput) SetFindings(v []*AccessPreviewFinding) *ListAccessPreviewFindingsOutput {
s.Findings = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewFindingsOutput) SetNextToken(v string) *ListAccessPreviewFindingsOutput {
s.NextToken = &v
return s
}
type ListAccessPreviewsInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// used to generate the access preview.
//
// AnalyzerArn is a required field
AnalyzerArn *string `location:"querystring" locationName:"analyzerArn" type:"string" required:"true"`
// The maximum number of results to return in the response.
MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAccessPreviewsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListAccessPreviewsInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListAccessPreviewsInput) SetAnalyzerArn(v string) *ListAccessPreviewsInput {
s.AnalyzerArn = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListAccessPreviewsInput) SetMaxResults(v int64) *ListAccessPreviewsInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewsInput) SetNextToken(v string) *ListAccessPreviewsInput {
s.NextToken = &v
return s
}
type ListAccessPreviewsOutput struct {
_ struct{} `type:"structure"`
// A list of access previews retrieved for the analyzer.
//
// AccessPreviews is a required field
AccessPreviews []*AccessPreviewSummary `locationName:"accessPreviews" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAccessPreviewsOutput) GoString() string {
return s.String()
}
// SetAccessPreviews sets the AccessPreviews field's value.
func (s *ListAccessPreviewsOutput) SetAccessPreviews(v []*AccessPreviewSummary) *ListAccessPreviewsOutput {
s.AccessPreviews = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccessPreviewsOutput) SetNextToken(v string) *ListAccessPreviewsOutput {
s.NextToken = &v
return s
}
// Retrieves a list of resources that have been analyzed.
type ListAnalyzedResourcesInput struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// to retrieve a list of analyzed resources from.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// The maximum number of results to return in the response.
MaxResults *int64 `locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
// The type of resource.
ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAnalyzedResourcesInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListAnalyzedResourcesInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListAnalyzedResourcesInput) SetAnalyzerArn(v string) *ListAnalyzedResourcesInput {
s.AnalyzerArn = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListAnalyzedResourcesInput) SetMaxResults(v int64) *ListAnalyzedResourcesInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzedResourcesInput) SetNextToken(v string) *ListAnalyzedResourcesInput {
s.NextToken = &v
return s
}
// SetResourceType sets the ResourceType field's value.
func (s *ListAnalyzedResourcesInput) SetResourceType(v string) *ListAnalyzedResourcesInput {
s.ResourceType = &v
return s
}
// The response to the request.
type ListAnalyzedResourcesOutput struct {
_ struct{} `type:"structure"`
// A list of resources that were analyzed.
//
// AnalyzedResources is a required field
AnalyzedResources []*AnalyzedResourceSummary `locationName:"analyzedResources" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzedResourcesOutput) GoString() string {
return s.String()
}
// SetAnalyzedResources sets the AnalyzedResources field's value.
func (s *ListAnalyzedResourcesOutput) SetAnalyzedResources(v []*AnalyzedResourceSummary) *ListAnalyzedResourcesOutput {
s.AnalyzedResources = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzedResourcesOutput) SetNextToken(v string) *ListAnalyzedResourcesOutput {
s.NextToken = &v
return s
}
// Retrieves a list of analyzers.
type ListAnalyzersInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The maximum number of results to return in the response.
MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
// The type of analyzer.
Type *string `location:"querystring" locationName:"type" type:"string" enum:"Type"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersInput) GoString() string {
return s.String()
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListAnalyzersInput) SetMaxResults(v int64) *ListAnalyzersInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzersInput) SetNextToken(v string) *ListAnalyzersInput {
s.NextToken = &v
return s
}
// SetType sets the Type field's value.
func (s *ListAnalyzersInput) SetType(v string) *ListAnalyzersInput {
s.Type = &v
return s
}
// The response to the request.
type ListAnalyzersOutput struct {
_ struct{} `type:"structure"`
// The analyzers retrieved.
//
// Analyzers is a required field
Analyzers []*AnalyzerSummary `locationName:"analyzers" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListAnalyzersOutput) GoString() string {
return s.String()
}
// SetAnalyzers sets the Analyzers field's value.
func (s *ListAnalyzersOutput) SetAnalyzers(v []*AnalyzerSummary) *ListAnalyzersOutput {
s.Analyzers = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAnalyzersOutput) SetNextToken(v string) *ListAnalyzersOutput {
s.NextToken = &v
return s
}
// Retrieves a list of archive rules created for the specified analyzer.
type ListArchiveRulesInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The name of the analyzer to retrieve rules from.
//
// AnalyzerName is a required field
AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
// The maximum number of results to return in the request.
MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListArchiveRulesInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListArchiveRulesInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *ListArchiveRulesInput) SetAnalyzerName(v string) *ListArchiveRulesInput {
s.AnalyzerName = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListArchiveRulesInput) SetMaxResults(v int64) *ListArchiveRulesInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListArchiveRulesInput) SetNextToken(v string) *ListArchiveRulesInput {
s.NextToken = &v
return s
}
// The response to the request.
type ListArchiveRulesOutput struct {
_ struct{} `type:"structure"`
// A list of archive rules created for the specified analyzer.
//
// ArchiveRules is a required field
ArchiveRules []*ArchiveRuleSummary `locationName:"archiveRules" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListArchiveRulesOutput) GoString() string {
return s.String()
}
// SetArchiveRules sets the ArchiveRules field's value.
func (s *ListArchiveRulesOutput) SetArchiveRules(v []*ArchiveRuleSummary) *ListArchiveRulesOutput {
s.ArchiveRules = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListArchiveRulesOutput) SetNextToken(v string) *ListArchiveRulesOutput {
s.NextToken = &v
return s
}
// Retrieves a list of findings generated by the specified analyzer.
type ListFindingsInput struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// to retrieve findings from.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// A filter to match for the findings to return.
Filter map[string]*Criterion `locationName:"filter" type:"map"`
// The maximum number of results to return in the response.
MaxResults *int64 `locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
// The sort order for the findings returned.
Sort *SortCriteria `locationName:"sort" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListFindingsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListFindingsInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Filter != nil {
for i, v := range s.Filter {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListFindingsInput) SetAnalyzerArn(v string) *ListFindingsInput {
s.AnalyzerArn = &v
return s
}
// SetFilter sets the Filter field's value.
func (s *ListFindingsInput) SetFilter(v map[string]*Criterion) *ListFindingsInput {
s.Filter = v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListFindingsInput) SetMaxResults(v int64) *ListFindingsInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListFindingsInput) SetNextToken(v string) *ListFindingsInput {
s.NextToken = &v
return s
}
// SetSort sets the Sort field's value.
func (s *ListFindingsInput) SetSort(v *SortCriteria) *ListFindingsInput {
s.Sort = v
return s
}
// The response to the request.
type ListFindingsOutput struct {
_ struct{} `type:"structure"`
// A list of findings retrieved from the analyzer that match the filter criteria
// specified, if any.
//
// Findings is a required field
Findings []*FindingSummary `locationName:"findings" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsOutput) GoString() string {
return s.String()
}
// SetFindings sets the Findings field's value.
func (s *ListFindingsOutput) SetFindings(v []*FindingSummary) *ListFindingsOutput {
s.Findings = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListFindingsOutput) SetNextToken(v string) *ListFindingsOutput {
s.NextToken = &v
return s
}
type ListFindingsV2Input struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// to retrieve findings from.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// A filter to match for the findings to return.
Filter map[string]*Criterion `locationName:"filter" type:"map"`
// The maximum number of results to return in the response.
MaxResults *int64 `locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
// The criteria used to sort.
Sort *SortCriteria `locationName:"sort" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Input) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Input) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListFindingsV2Input) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListFindingsV2Input"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Filter != nil {
for i, v := range s.Filter {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *ListFindingsV2Input) SetAnalyzerArn(v string) *ListFindingsV2Input {
s.AnalyzerArn = &v
return s
}
// SetFilter sets the Filter field's value.
func (s *ListFindingsV2Input) SetFilter(v map[string]*Criterion) *ListFindingsV2Input {
s.Filter = v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListFindingsV2Input) SetMaxResults(v int64) *ListFindingsV2Input {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListFindingsV2Input) SetNextToken(v string) *ListFindingsV2Input {
s.NextToken = &v
return s
}
// SetSort sets the Sort field's value.
func (s *ListFindingsV2Input) SetSort(v *SortCriteria) *ListFindingsV2Input {
s.Sort = v
return s
}
type ListFindingsV2Output struct {
_ struct{} `type:"structure"`
// A list of findings retrieved from the analyzer that match the filter criteria
// specified, if any.
//
// Findings is a required field
Findings []*FindingSummaryV2 `locationName:"findings" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Output) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListFindingsV2Output) GoString() string {
return s.String()
}
// SetFindings sets the Findings field's value.
func (s *ListFindingsV2Output) SetFindings(v []*FindingSummaryV2) *ListFindingsV2Output {
s.Findings = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListFindingsV2Output) SetNextToken(v string) *ListFindingsV2Output {
s.NextToken = &v
return s
}
type ListPolicyGenerationsInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The maximum number of results to return in the response.
MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
// The ARN of the IAM entity (user or role) for which you are generating a policy.
// Use this with ListGeneratedPolicies to filter the results to only include
// results for a specific principal.
PrincipalArn *string `location:"querystring" locationName:"principalArn" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListPolicyGenerationsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListPolicyGenerationsInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListPolicyGenerationsInput) SetMaxResults(v int64) *ListPolicyGenerationsInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListPolicyGenerationsInput) SetNextToken(v string) *ListPolicyGenerationsInput {
s.NextToken = &v
return s
}
// SetPrincipalArn sets the PrincipalArn field's value.
func (s *ListPolicyGenerationsInput) SetPrincipalArn(v string) *ListPolicyGenerationsInput {
s.PrincipalArn = &v
return s
}
type ListPolicyGenerationsOutput struct {
_ struct{} `type:"structure"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
// A PolicyGeneration object that contains details about the generated policy.
//
// PolicyGenerations is a required field
PolicyGenerations []*PolicyGeneration `locationName:"policyGenerations" type:"list" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListPolicyGenerationsOutput) GoString() string {
return s.String()
}
// SetNextToken sets the NextToken field's value.
func (s *ListPolicyGenerationsOutput) SetNextToken(v string) *ListPolicyGenerationsOutput {
s.NextToken = &v
return s
}
// SetPolicyGenerations sets the PolicyGenerations field's value.
func (s *ListPolicyGenerationsOutput) SetPolicyGenerations(v []*PolicyGeneration) *ListPolicyGenerationsOutput {
s.PolicyGenerations = v
return s
}
// Retrieves a list of tags applied to the specified resource.
type ListTagsForResourceInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the resource to retrieve tags from.
//
// ResourceArn is a required field
ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListTagsForResourceInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"}
if s.ResourceArn == nil {
invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
}
if s.ResourceArn != nil && len(*s.ResourceArn) < 1 {
invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetResourceArn sets the ResourceArn field's value.
func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput {
s.ResourceArn = &v
return s
}
// The response to the request.
type ListTagsForResourceOutput struct {
_ struct{} `type:"structure"`
// The tags that are applied to the specified resource.
Tags map[string]*string `locationName:"tags" type:"map"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ListTagsForResourceOutput) GoString() string {
return s.String()
}
// SetTags sets the Tags field's value.
func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput {
s.Tags = v
return s
}
// A location in a policy that is represented as a path through the JSON representation
// and a corresponding span.
type Location struct {
_ struct{} `type:"structure"`
// A path in a policy, represented as a sequence of path elements.
//
// Path is a required field
Path []*PathElement `locationName:"path" type:"list" required:"true"`
// A span in a policy.
//
// Span is a required field
Span *Span `locationName:"span" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Location) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Location) GoString() string {
return s.String()
}
// SetPath sets the Path field's value.
func (s *Location) SetPath(v []*PathElement) *Location {
s.Path = v
return s
}
// SetSpan sets the Span field's value.
func (s *Location) SetSpan(v *Span) *Location {
s.Span = v
return s
}
// The proposed InternetConfiguration or VpcConfiguration to apply to the Amazon
// S3 access point. VpcConfiguration does not apply to multi-region access points.
// You can make the access point accessible from the internet, or you can specify
// that all requests made through that access point must originate from a specific
// virtual private cloud (VPC). You can specify only one type of network configuration.
// For more information, see Creating access points (https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html).
type NetworkOriginConfiguration struct {
_ struct{} `type:"structure"`
// The configuration for the Amazon S3 access point or multi-region access point
// with an Internet origin.
InternetConfiguration *InternetConfiguration `locationName:"internetConfiguration" type:"structure"`
// The proposed virtual private cloud (VPC) configuration for the Amazon S3
// access point. VPC configuration does not apply to multi-region access points.
// For more information, see VpcConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html).
VpcConfiguration *VpcConfiguration `locationName:"vpcConfiguration" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NetworkOriginConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s NetworkOriginConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *NetworkOriginConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "NetworkOriginConfiguration"}
if s.VpcConfiguration != nil {
if err := s.VpcConfiguration.Validate(); err != nil {
invalidParams.AddNested("VpcConfiguration", err.(request.ErrInvalidParams))
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetInternetConfiguration sets the InternetConfiguration field's value.
func (s *NetworkOriginConfiguration) SetInternetConfiguration(v *InternetConfiguration) *NetworkOriginConfiguration {
s.InternetConfiguration = v
return s
}
// SetVpcConfiguration sets the VpcConfiguration field's value.
func (s *NetworkOriginConfiguration) SetVpcConfiguration(v *VpcConfiguration) *NetworkOriginConfiguration {
s.VpcConfiguration = v
return s
}
// A single element in a path through the JSON representation of a policy.
type PathElement struct {
_ struct{} `type:"structure"`
// Refers to an index in a JSON array.
Index *int64 `locationName:"index" type:"integer"`
// Refers to a key in a JSON object.
Key *string `locationName:"key" type:"string"`
// Refers to a substring of a literal string in a JSON object.
Substring *Substring `locationName:"substring" type:"structure"`
// Refers to the value associated with a given key in a JSON object.
Value *string `locationName:"value" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PathElement) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PathElement) GoString() string {
return s.String()
}
// SetIndex sets the Index field's value.
func (s *PathElement) SetIndex(v int64) *PathElement {
s.Index = &v
return s
}
// SetKey sets the Key field's value.
func (s *PathElement) SetKey(v string) *PathElement {
s.Key = &v
return s
}
// SetSubstring sets the Substring field's value.
func (s *PathElement) SetSubstring(v *Substring) *PathElement {
s.Substring = v
return s
}
// SetValue sets the Value field's value.
func (s *PathElement) SetValue(v string) *PathElement {
s.Value = &v
return s
}
// Contains details about the policy generation status and properties.
type PolicyGeneration struct {
_ struct{} `type:"structure"`
// A timestamp of when the policy generation was completed.
CompletedOn *time.Time `locationName:"completedOn" type:"timestamp" timestampFormat:"iso8601"`
// The JobId that is returned by the StartPolicyGeneration operation. The JobId
// can be used with GetGeneratedPolicy to retrieve the generated policies or
// used with CancelPolicyGeneration to cancel the policy generation request.
//
// JobId is a required field
JobId *string `locationName:"jobId" type:"string" required:"true"`
// The ARN of the IAM entity (user or role) for which you are generating a policy.
//
// PrincipalArn is a required field
PrincipalArn *string `locationName:"principalArn" type:"string" required:"true"`
// A timestamp of when the policy generation started.
//
// StartedOn is a required field
StartedOn *time.Time `locationName:"startedOn" type:"timestamp" timestampFormat:"iso8601" required:"true"`
// The status of the policy generation request.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"JobStatus"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGeneration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGeneration) GoString() string {
return s.String()
}
// SetCompletedOn sets the CompletedOn field's value.
func (s *PolicyGeneration) SetCompletedOn(v time.Time) *PolicyGeneration {
s.CompletedOn = &v
return s
}
// SetJobId sets the JobId field's value.
func (s *PolicyGeneration) SetJobId(v string) *PolicyGeneration {
s.JobId = &v
return s
}
// SetPrincipalArn sets the PrincipalArn field's value.
func (s *PolicyGeneration) SetPrincipalArn(v string) *PolicyGeneration {
s.PrincipalArn = &v
return s
}
// SetStartedOn sets the StartedOn field's value.
func (s *PolicyGeneration) SetStartedOn(v time.Time) *PolicyGeneration {
s.StartedOn = &v
return s
}
// SetStatus sets the Status field's value.
func (s *PolicyGeneration) SetStatus(v string) *PolicyGeneration {
s.Status = &v
return s
}
// Contains the ARN details about the IAM entity for which the policy is generated.
type PolicyGenerationDetails struct {
_ struct{} `type:"structure"`
// The ARN of the IAM entity (user or role) for which you are generating a policy.
//
// PrincipalArn is a required field
PrincipalArn *string `locationName:"principalArn" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGenerationDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s PolicyGenerationDetails) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *PolicyGenerationDetails) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "PolicyGenerationDetails"}
if s.PrincipalArn == nil {
invalidParams.Add(request.NewErrParamRequired("PrincipalArn"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPrincipalArn sets the PrincipalArn field's value.
func (s *PolicyGenerationDetails) SetPrincipalArn(v string) *PolicyGenerationDetails {
s.PrincipalArn = &v
return s
}
// A position in a policy.
type Position struct {
_ struct{} `type:"structure"`
// The column of the position, starting from 0.
//
// Column is a required field
Column *int64 `locationName:"column" type:"integer" required:"true"`
// The line of the position, starting from 1.
//
// Line is a required field
Line *int64 `locationName:"line" type:"integer" required:"true"`
// The offset within the policy that corresponds to the position, starting from
// 0.
//
// Offset is a required field
Offset *int64 `locationName:"offset" type:"integer" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Position) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Position) GoString() string {
return s.String()
}
// SetColumn sets the Column field's value.
func (s *Position) SetColumn(v int64) *Position {
s.Column = &v
return s
}
// SetLine sets the Line field's value.
func (s *Position) SetLine(v int64) *Position {
s.Line = &v
return s
}
// SetOffset sets the Offset field's value.
func (s *Position) SetOffset(v int64) *Position {
s.Offset = &v
return s
}
// The values for a manual Amazon RDS DB cluster snapshot attribute.
type RdsDbClusterSnapshotAttributeValue struct {
_ struct{} `type:"structure"`
// The Amazon Web Services account IDs that have access to the manual Amazon
// RDS DB cluster snapshot. If the value all is specified, then the Amazon RDS
// DB cluster snapshot is public and can be copied or restored by all Amazon
// Web Services accounts.
//
// * If the configuration is for an existing Amazon RDS DB cluster snapshot
// and you do not specify the accountIds in RdsDbClusterSnapshotAttributeValue,
// then the access preview uses the existing shared accountIds for the snapshot.
//
// * If the access preview is for a new resource and you do not specify the
// specify the accountIds in RdsDbClusterSnapshotAttributeValue, then the
// access preview considers the snapshot without any attributes.
//
// * To propose deletion of existing shared accountIds, you can specify an
// empty list for accountIds in the RdsDbClusterSnapshotAttributeValue.
AccountIds []*string `locationName:"accountIds" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotAttributeValue) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotAttributeValue) GoString() string {
return s.String()
}
// SetAccountIds sets the AccountIds field's value.
func (s *RdsDbClusterSnapshotAttributeValue) SetAccountIds(v []*string) *RdsDbClusterSnapshotAttributeValue {
s.AccountIds = v
return s
}
// The proposed access control configuration for an Amazon RDS DB cluster snapshot.
// You can propose a configuration for a new Amazon RDS DB cluster snapshot
// or an Amazon RDS DB cluster snapshot that you own by specifying the RdsDbClusterSnapshotAttributeValue
// and optional KMS encryption key. For more information, see ModifyDBClusterSnapshotAttribute
// (https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBClusterSnapshotAttribute.html).
type RdsDbClusterSnapshotConfiguration struct {
_ struct{} `type:"structure"`
// The names and values of manual DB cluster snapshot attributes. Manual DB
// cluster snapshot attributes are used to authorize other Amazon Web Services
// accounts to restore a manual DB cluster snapshot. The only valid value for
// AttributeName for the attribute map is restore
Attributes map[string]*RdsDbClusterSnapshotAttributeValue `locationName:"attributes" type:"map"`
// The KMS key identifier for an encrypted Amazon RDS DB cluster snapshot. The
// KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the
// KMS key.
//
// * If the configuration is for an existing Amazon RDS DB cluster snapshot
// and you do not specify the kmsKeyId, or you specify an empty string, then
// the access preview uses the existing kmsKeyId of the snapshot.
//
// * If the access preview is for a new resource and you do not specify the
// specify the kmsKeyId, then the access preview considers the snapshot as
// unencrypted.
KmsKeyId *string `locationName:"kmsKeyId" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbClusterSnapshotConfiguration) GoString() string {
return s.String()
}
// SetAttributes sets the Attributes field's value.
func (s *RdsDbClusterSnapshotConfiguration) SetAttributes(v map[string]*RdsDbClusterSnapshotAttributeValue) *RdsDbClusterSnapshotConfiguration {
s.Attributes = v
return s
}
// SetKmsKeyId sets the KmsKeyId field's value.
func (s *RdsDbClusterSnapshotConfiguration) SetKmsKeyId(v string) *RdsDbClusterSnapshotConfiguration {
s.KmsKeyId = &v
return s
}
// The name and values of a manual Amazon RDS DB snapshot attribute. Manual
// DB snapshot attributes are used to authorize other Amazon Web Services accounts
// to restore a manual DB snapshot.
type RdsDbSnapshotAttributeValue struct {
_ struct{} `type:"structure"`
// The Amazon Web Services account IDs that have access to the manual Amazon
// RDS DB snapshot. If the value all is specified, then the Amazon RDS DB snapshot
// is public and can be copied or restored by all Amazon Web Services accounts.
//
// * If the configuration is for an existing Amazon RDS DB snapshot and you
// do not specify the accountIds in RdsDbSnapshotAttributeValue, then the
// access preview uses the existing shared accountIds for the snapshot.
//
// * If the access preview is for a new resource and you do not specify the
// specify the accountIds in RdsDbSnapshotAttributeValue, then the access
// preview considers the snapshot without any attributes.
//
// * To propose deletion of an existing shared accountIds, you can specify
// an empty list for accountIds in the RdsDbSnapshotAttributeValue.
AccountIds []*string `locationName:"accountIds" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotAttributeValue) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotAttributeValue) GoString() string {
return s.String()
}
// SetAccountIds sets the AccountIds field's value.
func (s *RdsDbSnapshotAttributeValue) SetAccountIds(v []*string) *RdsDbSnapshotAttributeValue {
s.AccountIds = v
return s
}
// The proposed access control configuration for an Amazon RDS DB snapshot.
// You can propose a configuration for a new Amazon RDS DB snapshot or an Amazon
// RDS DB snapshot that you own by specifying the RdsDbSnapshotAttributeValue
// and optional KMS encryption key. For more information, see ModifyDBSnapshotAttribute
// (https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBSnapshotAttribute.html).
type RdsDbSnapshotConfiguration struct {
_ struct{} `type:"structure"`
// The names and values of manual DB snapshot attributes. Manual DB snapshot
// attributes are used to authorize other Amazon Web Services accounts to restore
// a manual DB snapshot. The only valid value for attributeName for the attribute
// map is restore.
Attributes map[string]*RdsDbSnapshotAttributeValue `locationName:"attributes" type:"map"`
// The KMS key identifier for an encrypted Amazon RDS DB snapshot. The KMS key
// identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
//
// * If the configuration is for an existing Amazon RDS DB snapshot and you
// do not specify the kmsKeyId, or you specify an empty string, then the
// access preview uses the existing kmsKeyId of the snapshot.
//
// * If the access preview is for a new resource and you do not specify the
// specify the kmsKeyId, then the access preview considers the snapshot as
// unencrypted.
KmsKeyId *string `locationName:"kmsKeyId" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RdsDbSnapshotConfiguration) GoString() string {
return s.String()
}
// SetAttributes sets the Attributes field's value.
func (s *RdsDbSnapshotConfiguration) SetAttributes(v map[string]*RdsDbSnapshotAttributeValue) *RdsDbSnapshotConfiguration {
s.Attributes = v
return s
}
// SetKmsKeyId sets the KmsKeyId field's value.
func (s *RdsDbSnapshotConfiguration) SetKmsKeyId(v string) *RdsDbSnapshotConfiguration {
s.KmsKeyId = &v
return s
}
// Contains information about the reasoning why a check for access passed or
// failed.
type ReasonSummary struct {
_ struct{} `type:"structure"`
// A description of the reasoning of a result of checking for access.
Description *string `locationName:"description" type:"string"`
// The identifier for the reason statement.
StatementId *string `locationName:"statementId" type:"string"`
// The index number of the reason statement.
StatementIndex *int64 `locationName:"statementIndex" type:"integer"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ReasonSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ReasonSummary) GoString() string {
return s.String()
}
// SetDescription sets the Description field's value.
func (s *ReasonSummary) SetDescription(v string) *ReasonSummary {
s.Description = &v
return s
}
// SetStatementId sets the StatementId field's value.
func (s *ReasonSummary) SetStatementId(v string) *ReasonSummary {
s.StatementId = &v
return s
}
// SetStatementIndex sets the StatementIndex field's value.
func (s *ReasonSummary) SetStatementIndex(v int64) *ReasonSummary {
s.StatementIndex = &v
return s
}
// Contains information about the reason that the retrieval of a recommendation
// for a finding failed.
type RecommendationError struct {
_ struct{} `type:"structure"`
// The error code for a failed retrieval of a recommendation for a finding.
//
// Code is a required field
Code *string `locationName:"code" type:"string" required:"true"`
// The error message for a failed retrieval of a recommendation for a finding.
//
// Message is a required field
Message *string `locationName:"message" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RecommendationError) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RecommendationError) GoString() string {
return s.String()
}
// SetCode sets the Code field's value.
func (s *RecommendationError) SetCode(v string) *RecommendationError {
s.Code = &v
return s
}
// SetMessage sets the Message field's value.
func (s *RecommendationError) SetMessage(v string) *RecommendationError {
s.Message = &v
return s
}
// Contains information about a recommended step for an unused access analyzer
// finding.
type RecommendedStep struct {
_ struct{} `type:"structure"`
// A recommended step for an unused permissions finding.
UnusedPermissionsRecommendedStep *UnusedPermissionsRecommendedStep `locationName:"unusedPermissionsRecommendedStep" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RecommendedStep) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s RecommendedStep) GoString() string {
return s.String()
}
// SetUnusedPermissionsRecommendedStep sets the UnusedPermissionsRecommendedStep field's value.
func (s *RecommendedStep) SetUnusedPermissionsRecommendedStep(v *UnusedPermissionsRecommendedStep) *RecommendedStep {
s.UnusedPermissionsRecommendedStep = v
return s
}
// The specified resource could not be found.
type ResourceNotFoundException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
// The ID of the resource.
//
// ResourceId is a required field
ResourceId *string `locationName:"resourceId" type:"string" required:"true"`
// The type of the resource.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceNotFoundException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ResourceNotFoundException) GoString() string {
return s.String()
}
func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error {
return &ResourceNotFoundException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *ResourceNotFoundException) Code() string {
return "ResourceNotFoundException"
}
// Message returns the exception's message.
func (s *ResourceNotFoundException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ResourceNotFoundException) OrigErr() error {
return nil
}
func (s *ResourceNotFoundException) Error() string {
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}
// Status code returns the HTTP status code for the request's response error.
func (s *ResourceNotFoundException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *ResourceNotFoundException) RequestID() string {
return s.RespMetadata.RequestID
}
// The configuration for an Amazon S3 access point or multi-region access point
// for the bucket. You can propose up to 10 access points or multi-region access
// points per bucket. If the proposed Amazon S3 access point configuration is
// for an existing bucket, the access preview uses the proposed access point
// configuration in place of the existing access points. To propose an access
// point without a policy, you can provide an empty string as the access point
// policy. For more information, see Creating access points (https://docs.aws.amazon.com/AmazonS3/latest/dev/creating-access-points.html).
// For more information about access point policy limits, see Access points
// restrictions and limitations (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points-restrictions-limitations.html).
type S3AccessPointConfiguration struct {
_ struct{} `type:"structure"`
// The access point or multi-region access point policy.
AccessPointPolicy *string `locationName:"accessPointPolicy" type:"string"`
// The proposed Internet and VpcConfiguration to apply to this Amazon S3 access
// point. VpcConfiguration does not apply to multi-region access points. If
// the access preview is for a new resource and neither is specified, the access
// preview uses Internet for the network origin. If the access preview is for
// an existing resource and neither is specified, the access preview uses the
// exiting network origin.
NetworkOrigin *NetworkOriginConfiguration `locationName:"networkOrigin" type:"structure"`
// The proposed S3PublicAccessBlock configuration to apply to this Amazon S3
// access point or multi-region access point.
PublicAccessBlock *S3PublicAccessBlockConfiguration `locationName:"publicAccessBlock" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3AccessPointConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3AccessPointConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *S3AccessPointConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "S3AccessPointConfiguration"}
if s.NetworkOrigin != nil {
if err := s.NetworkOrigin.Validate(); err != nil {
invalidParams.AddNested("NetworkOrigin", err.(request.ErrInvalidParams))
}
}
if s.PublicAccessBlock != nil {
if err := s.PublicAccessBlock.Validate(); err != nil {
invalidParams.AddNested("PublicAccessBlock", err.(request.ErrInvalidParams))
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccessPointPolicy sets the AccessPointPolicy field's value.
func (s *S3AccessPointConfiguration) SetAccessPointPolicy(v string) *S3AccessPointConfiguration {
s.AccessPointPolicy = &v
return s
}
// SetNetworkOrigin sets the NetworkOrigin field's value.
func (s *S3AccessPointConfiguration) SetNetworkOrigin(v *NetworkOriginConfiguration) *S3AccessPointConfiguration {
s.NetworkOrigin = v
return s
}
// SetPublicAccessBlock sets the PublicAccessBlock field's value.
func (s *S3AccessPointConfiguration) SetPublicAccessBlock(v *S3PublicAccessBlockConfiguration) *S3AccessPointConfiguration {
s.PublicAccessBlock = v
return s
}
// A proposed access control list grant configuration for an Amazon S3 bucket.
// For more information, see How to Specify an ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#setting-acls).
type S3BucketAclGrantConfiguration struct {
_ struct{} `type:"structure"`
// The grantee to whom you’re assigning access rights.
//
// Grantee is a required field
Grantee *AclGrantee `locationName:"grantee" type:"structure" required:"true"`
// The permissions being granted.
//
// Permission is a required field
Permission *string `locationName:"permission" type:"string" required:"true" enum:"AclPermission"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketAclGrantConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketAclGrantConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *S3BucketAclGrantConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "S3BucketAclGrantConfiguration"}
if s.Grantee == nil {
invalidParams.Add(request.NewErrParamRequired("Grantee"))
}
if s.Permission == nil {
invalidParams.Add(request.NewErrParamRequired("Permission"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetGrantee sets the Grantee field's value.
func (s *S3BucketAclGrantConfiguration) SetGrantee(v *AclGrantee) *S3BucketAclGrantConfiguration {
s.Grantee = v
return s
}
// SetPermission sets the Permission field's value.
func (s *S3BucketAclGrantConfiguration) SetPermission(v string) *S3BucketAclGrantConfiguration {
s.Permission = &v
return s
}
// Proposed access control configuration for an Amazon S3 bucket. You can propose
// a configuration for a new Amazon S3 bucket or an existing Amazon S3 bucket
// that you own by specifying the Amazon S3 bucket policy, bucket ACLs, bucket
// BPA settings, Amazon S3 access points, and multi-region access points attached
// to the bucket. If the configuration is for an existing Amazon S3 bucket and
// you do not specify the Amazon S3 bucket policy, the access preview uses the
// existing policy attached to the bucket. If the access preview is for a new
// resource and you do not specify the Amazon S3 bucket policy, the access preview
// assumes a bucket without a policy. To propose deletion of an existing bucket
// policy, you can specify an empty string. For more information about bucket
// policy limits, see Bucket Policy Examples (https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html).
type S3BucketConfiguration struct {
_ struct{} `type:"structure"`
// The configuration of Amazon S3 access points or multi-region access points
// for the bucket. You can propose up to 10 new access points per bucket.
AccessPoints map[string]*S3AccessPointConfiguration `locationName:"accessPoints" type:"map"`
// The proposed list of ACL grants for the Amazon S3 bucket. You can propose
// up to 100 ACL grants per bucket. If the proposed grant configuration is for
// an existing bucket, the access preview uses the proposed list of grant configurations
// in place of the existing grants. Otherwise, the access preview uses the existing
// grants for the bucket.
BucketAclGrants []*S3BucketAclGrantConfiguration `locationName:"bucketAclGrants" type:"list"`
// The proposed bucket policy for the Amazon S3 bucket.
BucketPolicy *string `locationName:"bucketPolicy" type:"string"`
// The proposed block public access configuration for the Amazon S3 bucket.
BucketPublicAccessBlock *S3PublicAccessBlockConfiguration `locationName:"bucketPublicAccessBlock" type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3BucketConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *S3BucketConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "S3BucketConfiguration"}
if s.AccessPoints != nil {
for i, v := range s.AccessPoints {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AccessPoints", i), err.(request.ErrInvalidParams))
}
}
}
if s.BucketAclGrants != nil {
for i, v := range s.BucketAclGrants {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "BucketAclGrants", i), err.(request.ErrInvalidParams))
}
}
}
if s.BucketPublicAccessBlock != nil {
if err := s.BucketPublicAccessBlock.Validate(); err != nil {
invalidParams.AddNested("BucketPublicAccessBlock", err.(request.ErrInvalidParams))
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccessPoints sets the AccessPoints field's value.
func (s *S3BucketConfiguration) SetAccessPoints(v map[string]*S3AccessPointConfiguration) *S3BucketConfiguration {
s.AccessPoints = v
return s
}
// SetBucketAclGrants sets the BucketAclGrants field's value.
func (s *S3BucketConfiguration) SetBucketAclGrants(v []*S3BucketAclGrantConfiguration) *S3BucketConfiguration {
s.BucketAclGrants = v
return s
}
// SetBucketPolicy sets the BucketPolicy field's value.
func (s *S3BucketConfiguration) SetBucketPolicy(v string) *S3BucketConfiguration {
s.BucketPolicy = &v
return s
}
// SetBucketPublicAccessBlock sets the BucketPublicAccessBlock field's value.
func (s *S3BucketConfiguration) SetBucketPublicAccessBlock(v *S3PublicAccessBlockConfiguration) *S3BucketConfiguration {
s.BucketPublicAccessBlock = v
return s
}
// Proposed access control configuration for an Amazon S3 directory bucket.
// You can propose a configuration for a new Amazon S3 directory bucket or an
// existing Amazon S3 directory bucket that you own by specifying the Amazon
// S3 bucket policy. If the configuration is for an existing Amazon S3 directory
// bucket and you do not specify the Amazon S3 bucket policy, the access preview
// uses the existing policy attached to the directory bucket. If the access
// preview is for a new resource and you do not specify the Amazon S3 bucket
// policy, the access preview assumes an directory bucket without a policy.
// To propose deletion of an existing bucket policy, you can specify an empty
// string. For more information about Amazon S3 directory bucket policies, see
// Example directory bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html).
type S3ExpressDirectoryBucketConfiguration struct {
_ struct{} `type:"structure"`
// The proposed bucket policy for the Amazon S3 directory bucket.
BucketPolicy *string `locationName:"bucketPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3ExpressDirectoryBucketConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3ExpressDirectoryBucketConfiguration) GoString() string {
return s.String()
}
// SetBucketPolicy sets the BucketPolicy field's value.
func (s *S3ExpressDirectoryBucketConfiguration) SetBucketPolicy(v string) *S3ExpressDirectoryBucketConfiguration {
s.BucketPolicy = &v
return s
}
// The PublicAccessBlock configuration to apply to this Amazon S3 bucket. If
// the proposed configuration is for an existing Amazon S3 bucket and the configuration
// is not specified, the access preview uses the existing setting. If the proposed
// configuration is for a new bucket and the configuration is not specified,
// the access preview uses false. If the proposed configuration is for a new
// access point or multi-region access point and the access point BPA configuration
// is not specified, the access preview uses true. For more information, see
// PublicAccessBlockConfiguration (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-publicaccessblockconfiguration.html).
type S3PublicAccessBlockConfiguration struct {
_ struct{} `type:"structure"`
// Specifies whether Amazon S3 should ignore public ACLs for this bucket and
// objects in this bucket.
//
// IgnorePublicAcls is a required field
IgnorePublicAcls *bool `locationName:"ignorePublicAcls" type:"boolean" required:"true"`
// Specifies whether Amazon S3 should restrict public bucket policies for this
// bucket.
//
// RestrictPublicBuckets is a required field
RestrictPublicBuckets *bool `locationName:"restrictPublicBuckets" type:"boolean" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3PublicAccessBlockConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s S3PublicAccessBlockConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *S3PublicAccessBlockConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "S3PublicAccessBlockConfiguration"}
if s.IgnorePublicAcls == nil {
invalidParams.Add(request.NewErrParamRequired("IgnorePublicAcls"))
}
if s.RestrictPublicBuckets == nil {
invalidParams.Add(request.NewErrParamRequired("RestrictPublicBuckets"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetIgnorePublicAcls sets the IgnorePublicAcls field's value.
func (s *S3PublicAccessBlockConfiguration) SetIgnorePublicAcls(v bool) *S3PublicAccessBlockConfiguration {
s.IgnorePublicAcls = &v
return s
}
// SetRestrictPublicBuckets sets the RestrictPublicBuckets field's value.
func (s *S3PublicAccessBlockConfiguration) SetRestrictPublicBuckets(v bool) *S3PublicAccessBlockConfiguration {
s.RestrictPublicBuckets = &v
return s
}
// The configuration for a Secrets Manager secret. For more information, see
// CreateSecret (https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html).
//
// You can propose a configuration for a new secret or an existing secret that
// you own by specifying the secret policy and optional KMS encryption key.
// If the configuration is for an existing secret and you do not specify the
// secret policy, the access preview uses the existing policy for the secret.
// If the access preview is for a new resource and you do not specify the policy,
// the access preview assumes a secret without a policy. To propose deletion
// of an existing policy, you can specify an empty string. If the proposed configuration
// is for a new secret and you do not specify the KMS key ID, the access preview
// uses the Amazon Web Services managed key aws/secretsmanager. If you specify
// an empty string for the KMS key ID, the access preview uses the Amazon Web
// Services managed key of the Amazon Web Services account. For more information
// about secret policy limits, see Quotas for Secrets Manager. (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html).
type SecretsManagerSecretConfiguration struct {
_ struct{} `type:"structure"`
// The proposed ARN, key ID, or alias of the KMS key.
KmsKeyId *string `locationName:"kmsKeyId" type:"string"`
// The proposed resource policy defining who can access or manage the secret.
SecretPolicy *string `locationName:"secretPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SecretsManagerSecretConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SecretsManagerSecretConfiguration) GoString() string {
return s.String()
}
// SetKmsKeyId sets the KmsKeyId field's value.
func (s *SecretsManagerSecretConfiguration) SetKmsKeyId(v string) *SecretsManagerSecretConfiguration {
s.KmsKeyId = &v
return s
}
// SetSecretPolicy sets the SecretPolicy field's value.
func (s *SecretsManagerSecretConfiguration) SetSecretPolicy(v string) *SecretsManagerSecretConfiguration {
s.SecretPolicy = &v
return s
}
// Service quote met error.
type ServiceQuotaExceededException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
// The resource ID.
//
// ResourceId is a required field
ResourceId *string `locationName:"resourceId" type:"string" required:"true"`
// The resource type.
//
// ResourceType is a required field
ResourceType *string `locationName:"resourceType" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ServiceQuotaExceededException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ServiceQuotaExceededException) GoString() string {
return s.String()
}
func newErrorServiceQuotaExceededException(v protocol.ResponseMetadata) error {
return &ServiceQuotaExceededException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *ServiceQuotaExceededException) Code() string {
return "ServiceQuotaExceededException"
}
// Message returns the exception's message.
func (s *ServiceQuotaExceededException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ServiceQuotaExceededException) OrigErr() error {
return nil
}
func (s *ServiceQuotaExceededException) Error() string {
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}
// Status code returns the HTTP status code for the request's response error.
func (s *ServiceQuotaExceededException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *ServiceQuotaExceededException) RequestID() string {
return s.RespMetadata.RequestID
}
// The proposed access control configuration for an Amazon SNS topic. You can
// propose a configuration for a new Amazon SNS topic or an existing Amazon
// SNS topic that you own by specifying the policy. If the configuration is
// for an existing Amazon SNS topic and you do not specify the Amazon SNS policy,
// then the access preview uses the existing Amazon SNS policy for the topic.
// If the access preview is for a new resource and you do not specify the policy,
// then the access preview assumes an Amazon SNS topic without a policy. To
// propose deletion of an existing Amazon SNS topic policy, you can specify
// an empty string for the Amazon SNS policy. For more information, see Topic
// (https://docs.aws.amazon.com/sns/latest/api/API_Topic.html).
type SnsTopicConfiguration struct {
_ struct{} `type:"structure"`
// The JSON policy text that defines who can access an Amazon SNS topic. For
// more information, see Example cases for Amazon SNS access control (https://docs.aws.amazon.com/sns/latest/dg/sns-access-policy-use-cases.html)
// in the Amazon SNS Developer Guide.
TopicPolicy *string `locationName:"topicPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SnsTopicConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SnsTopicConfiguration) GoString() string {
return s.String()
}
// SetTopicPolicy sets the TopicPolicy field's value.
func (s *SnsTopicConfiguration) SetTopicPolicy(v string) *SnsTopicConfiguration {
s.TopicPolicy = &v
return s
}
// The criteria used to sort.
type SortCriteria struct {
_ struct{} `type:"structure"`
// The name of the attribute to sort on.
AttributeName *string `locationName:"attributeName" type:"string"`
// The sort order, ascending or descending.
OrderBy *string `locationName:"orderBy" type:"string" enum:"OrderBy"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SortCriteria) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SortCriteria) GoString() string {
return s.String()
}
// SetAttributeName sets the AttributeName field's value.
func (s *SortCriteria) SetAttributeName(v string) *SortCriteria {
s.AttributeName = &v
return s
}
// SetOrderBy sets the OrderBy field's value.
func (s *SortCriteria) SetOrderBy(v string) *SortCriteria {
s.OrderBy = &v
return s
}
// A span in a policy. The span consists of a start position (inclusive) and
// end position (exclusive).
type Span struct {
_ struct{} `type:"structure"`
// The end position of the span (exclusive).
//
// End is a required field
End *Position `locationName:"end" type:"structure" required:"true"`
// The start position of the span (inclusive).
//
// Start is a required field
Start *Position `locationName:"start" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Span) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Span) GoString() string {
return s.String()
}
// SetEnd sets the End field's value.
func (s *Span) SetEnd(v *Position) *Span {
s.End = v
return s
}
// SetStart sets the Start field's value.
func (s *Span) SetStart(v *Position) *Span {
s.Start = v
return s
}
// The proposed access control configuration for an Amazon SQS queue. You can
// propose a configuration for a new Amazon SQS queue or an existing Amazon
// SQS queue that you own by specifying the Amazon SQS policy. If the configuration
// is for an existing Amazon SQS queue and you do not specify the Amazon SQS
// policy, the access preview uses the existing Amazon SQS policy for the queue.
// If the access preview is for a new resource and you do not specify the policy,
// the access preview assumes an Amazon SQS queue without a policy. To propose
// deletion of an existing Amazon SQS queue policy, you can specify an empty
// string for the Amazon SQS policy. For more information about Amazon SQS policy
// limits, see Quotas related to policies (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-policies.html).
type SqsQueueConfiguration struct {
_ struct{} `type:"structure"`
// The proposed resource policy for the Amazon SQS queue.
QueuePolicy *string `locationName:"queuePolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SqsQueueConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s SqsQueueConfiguration) GoString() string {
return s.String()
}
// SetQueuePolicy sets the QueuePolicy field's value.
func (s *SqsQueueConfiguration) SetQueuePolicy(v string) *SqsQueueConfiguration {
s.QueuePolicy = &v
return s
}
type StartPolicyGenerationInput struct {
_ struct{} `type:"structure"`
// A unique, case-sensitive identifier that you provide to ensure the idempotency
// of the request. Idempotency ensures that an API request completes only once.
// With an idempotent request, if the original request completes successfully,
// the subsequent retries with the same client token return the result from
// the original successful request and they have no additional effect.
//
// If you do not specify a client token, one is automatically generated by the
// Amazon Web Services SDK.
ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
// A CloudTrailDetails object that contains details about a Trail that you want
// to analyze to generate policies.
CloudTrailDetails *CloudTrailDetails `locationName:"cloudTrailDetails" type:"structure"`
// Contains the ARN of the IAM entity (user or role) for which you are generating
// a policy.
//
// PolicyGenerationDetails is a required field
PolicyGenerationDetails *PolicyGenerationDetails `locationName:"policyGenerationDetails" type:"structure" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *StartPolicyGenerationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "StartPolicyGenerationInput"}
if s.PolicyGenerationDetails == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyGenerationDetails"))
}
if s.CloudTrailDetails != nil {
if err := s.CloudTrailDetails.Validate(); err != nil {
invalidParams.AddNested("CloudTrailDetails", err.(request.ErrInvalidParams))
}
}
if s.PolicyGenerationDetails != nil {
if err := s.PolicyGenerationDetails.Validate(); err != nil {
invalidParams.AddNested("PolicyGenerationDetails", err.(request.ErrInvalidParams))
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetClientToken sets the ClientToken field's value.
func (s *StartPolicyGenerationInput) SetClientToken(v string) *StartPolicyGenerationInput {
s.ClientToken = &v
return s
}
// SetCloudTrailDetails sets the CloudTrailDetails field's value.
func (s *StartPolicyGenerationInput) SetCloudTrailDetails(v *CloudTrailDetails) *StartPolicyGenerationInput {
s.CloudTrailDetails = v
return s
}
// SetPolicyGenerationDetails sets the PolicyGenerationDetails field's value.
func (s *StartPolicyGenerationInput) SetPolicyGenerationDetails(v *PolicyGenerationDetails) *StartPolicyGenerationInput {
s.PolicyGenerationDetails = v
return s
}
type StartPolicyGenerationOutput struct {
_ struct{} `type:"structure"`
// The JobId that is returned by the StartPolicyGeneration operation. The JobId
// can be used with GetGeneratedPolicy to retrieve the generated policies or
// used with CancelPolicyGeneration to cancel the policy generation request.
//
// JobId is a required field
JobId *string `locationName:"jobId" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartPolicyGenerationOutput) GoString() string {
return s.String()
}
// SetJobId sets the JobId field's value.
func (s *StartPolicyGenerationOutput) SetJobId(v string) *StartPolicyGenerationOutput {
s.JobId = &v
return s
}
// Starts a scan of the policies applied to the specified resource.
type StartResourceScanInput struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// to use to scan the policies applied to the specified resource.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// The ARN of the resource to scan.
//
// ResourceArn is a required field
ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"`
// The Amazon Web Services account ID that owns the resource. For most Amazon
// Web Services resources, the owning account is the account in which the resource
// was created.
ResourceOwnerAccount *string `locationName:"resourceOwnerAccount" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *StartResourceScanInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "StartResourceScanInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.ResourceArn == nil {
invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *StartResourceScanInput) SetAnalyzerArn(v string) *StartResourceScanInput {
s.AnalyzerArn = &v
return s
}
// SetResourceArn sets the ResourceArn field's value.
func (s *StartResourceScanInput) SetResourceArn(v string) *StartResourceScanInput {
s.ResourceArn = &v
return s
}
// SetResourceOwnerAccount sets the ResourceOwnerAccount field's value.
func (s *StartResourceScanInput) SetResourceOwnerAccount(v string) *StartResourceScanInput {
s.ResourceOwnerAccount = &v
return s
}
type StartResourceScanOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StartResourceScanOutput) GoString() string {
return s.String()
}
// Provides more details about the current status of the analyzer. For example,
// if the creation for the analyzer fails, a Failed status is returned. For
// an analyzer with organization as the type, this failure can be due to an
// issue with creating the service-linked roles required in the member accounts
// of the Amazon Web Services organization.
type StatusReason struct {
_ struct{} `type:"structure"`
// The reason code for the current status of the analyzer.
//
// Code is a required field
Code *string `locationName:"code" type:"string" required:"true" enum:"ReasonCode"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StatusReason) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s StatusReason) GoString() string {
return s.String()
}
// SetCode sets the Code field's value.
func (s *StatusReason) SetCode(v string) *StatusReason {
s.Code = &v
return s
}
// A reference to a substring of a literal string in a JSON document.
type Substring struct {
_ struct{} `type:"structure"`
// The length of the substring.
//
// Length is a required field
Length *int64 `locationName:"length" type:"integer" required:"true"`
// The start index of the substring, starting from 0.
//
// Start is a required field
Start *int64 `locationName:"start" type:"integer" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Substring) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Substring) GoString() string {
return s.String()
}
// SetLength sets the Length field's value.
func (s *Substring) SetLength(v int64) *Substring {
s.Length = &v
return s
}
// SetStart sets the Start field's value.
func (s *Substring) SetStart(v int64) *Substring {
s.Start = &v
return s
}
// Adds a tag to the specified resource.
type TagResourceInput struct {
_ struct{} `type:"structure"`
// The ARN of the resource to add the tag to.
//
// ResourceArn is a required field
ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"`
// The tags to add to the resource.
//
// Tags is a required field
Tags map[string]*string `locationName:"tags" type:"map" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *TagResourceInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"}
if s.ResourceArn == nil {
invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
}
if s.ResourceArn != nil && len(*s.ResourceArn) < 1 {
invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1))
}
if s.Tags == nil {
invalidParams.Add(request.NewErrParamRequired("Tags"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetResourceArn sets the ResourceArn field's value.
func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput {
s.ResourceArn = &v
return s
}
// SetTags sets the Tags field's value.
func (s *TagResourceInput) SetTags(v map[string]*string) *TagResourceInput {
s.Tags = v
return s
}
// The response to the request.
type TagResourceOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TagResourceOutput) GoString() string {
return s.String()
}
// Throttling limit exceeded error.
type ThrottlingException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
// The seconds to wait to retry.
RetryAfterSeconds *int64 `location:"header" locationName:"Retry-After" type:"integer"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ThrottlingException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ThrottlingException) GoString() string {
return s.String()
}
func newErrorThrottlingException(v protocol.ResponseMetadata) error {
return &ThrottlingException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *ThrottlingException) Code() string {
return "ThrottlingException"
}
// Message returns the exception's message.
func (s *ThrottlingException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ThrottlingException) OrigErr() error {
return nil
}
func (s *ThrottlingException) Error() string {
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}
// Status code returns the HTTP status code for the request's response error.
func (s *ThrottlingException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *ThrottlingException) RequestID() string {
return s.RespMetadata.RequestID
}
// Contains details about the CloudTrail trail being analyzed to generate a
// policy.
type Trail struct {
_ struct{} `type:"structure"`
// Possible values are true or false. If set to true, IAM Access Analyzer retrieves
// CloudTrail data from all regions to analyze and generate a policy.
AllRegions *bool `locationName:"allRegions" type:"boolean"`
// Specifies the ARN of the trail. The format of a trail ARN is arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
//
// CloudTrailArn is a required field
CloudTrailArn *string `locationName:"cloudTrailArn" type:"string" required:"true"`
// A list of regions to get CloudTrail data from and analyze to generate a policy.
Regions []*string `locationName:"regions" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Trail) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s Trail) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *Trail) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "Trail"}
if s.CloudTrailArn == nil {
invalidParams.Add(request.NewErrParamRequired("CloudTrailArn"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAllRegions sets the AllRegions field's value.
func (s *Trail) SetAllRegions(v bool) *Trail {
s.AllRegions = &v
return s
}
// SetCloudTrailArn sets the CloudTrailArn field's value.
func (s *Trail) SetCloudTrailArn(v string) *Trail {
s.CloudTrailArn = &v
return s
}
// SetRegions sets the Regions field's value.
func (s *Trail) SetRegions(v []*string) *Trail {
s.Regions = v
return s
}
// Contains details about the CloudTrail trail being analyzed to generate a
// policy.
type TrailProperties struct {
_ struct{} `type:"structure"`
// Possible values are true or false. If set to true, IAM Access Analyzer retrieves
// CloudTrail data from all regions to analyze and generate a policy.
AllRegions *bool `locationName:"allRegions" type:"boolean"`
// Specifies the ARN of the trail. The format of a trail ARN is arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
//
// CloudTrailArn is a required field
CloudTrailArn *string `locationName:"cloudTrailArn" type:"string" required:"true"`
// A list of regions to get CloudTrail data from and analyze to generate a policy.
Regions []*string `locationName:"regions" type:"list"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TrailProperties) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s TrailProperties) GoString() string {
return s.String()
}
// SetAllRegions sets the AllRegions field's value.
func (s *TrailProperties) SetAllRegions(v bool) *TrailProperties {
s.AllRegions = &v
return s
}
// SetCloudTrailArn sets the CloudTrailArn field's value.
func (s *TrailProperties) SetCloudTrailArn(v string) *TrailProperties {
s.CloudTrailArn = &v
return s
}
// SetRegions sets the Regions field's value.
func (s *TrailProperties) SetRegions(v []*string) *TrailProperties {
s.Regions = v
return s
}
// The specified entity could not be processed.
type UnprocessableEntityException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnprocessableEntityException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnprocessableEntityException) GoString() string {
return s.String()
}
func newErrorUnprocessableEntityException(v protocol.ResponseMetadata) error {
return &UnprocessableEntityException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *UnprocessableEntityException) Code() string {
return "UnprocessableEntityException"
}
// Message returns the exception's message.
func (s *UnprocessableEntityException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *UnprocessableEntityException) OrigErr() error {
return nil
}
func (s *UnprocessableEntityException) Error() string {
return fmt.Sprintf("%s: %s", s.Code(), s.Message())
}
// Status code returns the HTTP status code for the request's response error.
func (s *UnprocessableEntityException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *UnprocessableEntityException) RequestID() string {
return s.RespMetadata.RequestID
}
// Removes a tag from the specified resource.
type UntagResourceInput struct {
_ struct{} `type:"structure" nopayload:"true"`
// The ARN of the resource to remove the tag from.
//
// ResourceArn is a required field
ResourceArn *string `location:"uri" locationName:"resourceArn" type:"string" required:"true"`
// The key for the tag to add.
//
// TagKeys is a required field
TagKeys []*string `location:"querystring" locationName:"tagKeys" type:"list" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *UntagResourceInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"}
if s.ResourceArn == nil {
invalidParams.Add(request.NewErrParamRequired("ResourceArn"))
}
if s.ResourceArn != nil && len(*s.ResourceArn) < 1 {
invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1))
}
if s.TagKeys == nil {
invalidParams.Add(request.NewErrParamRequired("TagKeys"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetResourceArn sets the ResourceArn field's value.
func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput {
s.ResourceArn = &v
return s
}
// SetTagKeys sets the TagKeys field's value.
func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput {
s.TagKeys = v
return s
}
// The response to the request.
type UntagResourceOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UntagResourceOutput) GoString() string {
return s.String()
}
// Contains information about an unused access analyzer.
type UnusedAccessConfiguration struct {
_ struct{} `type:"structure"`
// The specified access age in days for which to generate findings for unused
// access. For example, if you specify 90 days, the analyzer will generate findings
// for IAM entities within the accounts of the selected organization for any
// access that hasn't been used in 90 or more days since the analyzer's last
// scan. You can choose a value between 1 and 180 days.
UnusedAccessAge *int64 `locationName:"unusedAccessAge" type:"integer"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAccessConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAccessConfiguration) GoString() string {
return s.String()
}
// SetUnusedAccessAge sets the UnusedAccessAge field's value.
func (s *UnusedAccessConfiguration) SetUnusedAccessAge(v int64) *UnusedAccessConfiguration {
s.UnusedAccessAge = &v
return s
}
// Contains information about an unused access finding for an action. IAM Access
// Analyzer charges for unused access analysis based on the number of IAM roles
// and users analyzed per month. For more details on pricing, see IAM Access
// Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedAction struct {
_ struct{} `type:"structure"`
// The action for which the unused access finding was generated.
//
// Action is a required field
Action *string `locationName:"action" type:"string" required:"true"`
// The time at which the action was last accessed.
LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAction) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedAction) GoString() string {
return s.String()
}
// SetAction sets the Action field's value.
func (s *UnusedAction) SetAction(v string) *UnusedAction {
s.Action = &v
return s
}
// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedAction) SetLastAccessed(v time.Time) *UnusedAction {
s.LastAccessed = &v
return s
}
// Contains information about an unused access finding for an IAM role. IAM
// Access Analyzer charges for unused access analysis based on the number of
// IAM roles and users analyzed per month. For more details on pricing, see
// IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedIamRoleDetails struct {
_ struct{} `type:"structure"`
// The time at which the role was last accessed.
LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamRoleDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamRoleDetails) GoString() string {
return s.String()
}
// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedIamRoleDetails) SetLastAccessed(v time.Time) *UnusedIamRoleDetails {
s.LastAccessed = &v
return s
}
// Contains information about an unused access finding for an IAM user access
// key. IAM Access Analyzer charges for unused access analysis based on the
// number of IAM roles and users analyzed per month. For more details on pricing,
// see IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedIamUserAccessKeyDetails struct {
_ struct{} `type:"structure"`
// The ID of the access key for which the unused access finding was generated.
//
// AccessKeyId is a required field
AccessKeyId *string `locationName:"accessKeyId" type:"string" required:"true"`
// The time at which the access key was last accessed.
LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserAccessKeyDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserAccessKeyDetails) GoString() string {
return s.String()
}
// SetAccessKeyId sets the AccessKeyId field's value.
func (s *UnusedIamUserAccessKeyDetails) SetAccessKeyId(v string) *UnusedIamUserAccessKeyDetails {
s.AccessKeyId = &v
return s
}
// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedIamUserAccessKeyDetails) SetLastAccessed(v time.Time) *UnusedIamUserAccessKeyDetails {
s.LastAccessed = &v
return s
}
// Contains information about an unused access finding for an IAM user password.
// IAM Access Analyzer charges for unused access analysis based on the number
// of IAM roles and users analyzed per month. For more details on pricing, see
// IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedIamUserPasswordDetails struct {
_ struct{} `type:"structure"`
// The time at which the password was last accessed.
LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserPasswordDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedIamUserPasswordDetails) GoString() string {
return s.String()
}
// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedIamUserPasswordDetails) SetLastAccessed(v time.Time) *UnusedIamUserPasswordDetails {
s.LastAccessed = &v
return s
}
// Contains information about an unused access finding for a permission. IAM
// Access Analyzer charges for unused access analysis based on the number of
// IAM roles and users analyzed per month. For more details on pricing, see
// IAM Access Analyzer pricing (https://aws.amazon.com/iam/access-analyzer/pricing).
type UnusedPermissionDetails struct {
_ struct{} `type:"structure"`
// A list of unused actions for which the unused access finding was generated.
Actions []*UnusedAction `locationName:"actions" type:"list"`
// The time at which the permission was last accessed.
LastAccessed *time.Time `locationName:"lastAccessed" type:"timestamp" timestampFormat:"iso8601"`
// The namespace of the Amazon Web Services service that contains the unused
// actions.
//
// ServiceNamespace is a required field
ServiceNamespace *string `locationName:"serviceNamespace" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedPermissionDetails) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedPermissionDetails) GoString() string {
return s.String()
}
// SetActions sets the Actions field's value.
func (s *UnusedPermissionDetails) SetActions(v []*UnusedAction) *UnusedPermissionDetails {
s.Actions = v
return s
}
// SetLastAccessed sets the LastAccessed field's value.
func (s *UnusedPermissionDetails) SetLastAccessed(v time.Time) *UnusedPermissionDetails {
s.LastAccessed = &v
return s
}
// SetServiceNamespace sets the ServiceNamespace field's value.
func (s *UnusedPermissionDetails) SetServiceNamespace(v string) *UnusedPermissionDetails {
s.ServiceNamespace = &v
return s
}
// Contains information about the action to take for a policy in an unused permissions
// finding.
type UnusedPermissionsRecommendedStep struct {
_ struct{} `type:"structure"`
// If the recommended action for the unused permissions finding is to detach
// a policy, the ID of an existing policy to be detached.
ExistingPolicyId *string `locationName:"existingPolicyId" type:"string"`
// The time at which the existing policy for the unused permissions finding
// was last updated.
PolicyUpdatedAt *time.Time `locationName:"policyUpdatedAt" type:"timestamp" timestampFormat:"iso8601"`
// A recommendation of whether to create or detach a policy for an unused permissions
// finding.
//
// RecommendedAction is a required field
RecommendedAction *string `locationName:"recommendedAction" type:"string" required:"true" enum:"RecommendedRemediationAction"`
// If the recommended action for the unused permissions finding is to replace
// the existing policy, the contents of the recommended policy to replace the
// policy specified in the existingPolicyId field.
RecommendedPolicy *string `locationName:"recommendedPolicy" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedPermissionsRecommendedStep) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UnusedPermissionsRecommendedStep) GoString() string {
return s.String()
}
// SetExistingPolicyId sets the ExistingPolicyId field's value.
func (s *UnusedPermissionsRecommendedStep) SetExistingPolicyId(v string) *UnusedPermissionsRecommendedStep {
s.ExistingPolicyId = &v
return s
}
// SetPolicyUpdatedAt sets the PolicyUpdatedAt field's value.
func (s *UnusedPermissionsRecommendedStep) SetPolicyUpdatedAt(v time.Time) *UnusedPermissionsRecommendedStep {
s.PolicyUpdatedAt = &v
return s
}
// SetRecommendedAction sets the RecommendedAction field's value.
func (s *UnusedPermissionsRecommendedStep) SetRecommendedAction(v string) *UnusedPermissionsRecommendedStep {
s.RecommendedAction = &v
return s
}
// SetRecommendedPolicy sets the RecommendedPolicy field's value.
func (s *UnusedPermissionsRecommendedStep) SetRecommendedPolicy(v string) *UnusedPermissionsRecommendedStep {
s.RecommendedPolicy = &v
return s
}
// Updates the specified archive rule.
type UpdateArchiveRuleInput struct {
_ struct{} `type:"structure"`
// The name of the analyzer to update the archive rules for.
//
// AnalyzerName is a required field
AnalyzerName *string `location:"uri" locationName:"analyzerName" min:"1" type:"string" required:"true"`
// A client token.
ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
// A filter to match for the rules to update. Only rules that match the filter
// are updated.
//
// Filter is a required field
Filter map[string]*Criterion `locationName:"filter" type:"map" required:"true"`
// The name of the rule to update.
//
// RuleName is a required field
RuleName *string `location:"uri" locationName:"ruleName" min:"1" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateArchiveRuleInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "UpdateArchiveRuleInput"}
if s.AnalyzerName == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerName"))
}
if s.AnalyzerName != nil && len(*s.AnalyzerName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AnalyzerName", 1))
}
if s.Filter == nil {
invalidParams.Add(request.NewErrParamRequired("Filter"))
}
if s.RuleName == nil {
invalidParams.Add(request.NewErrParamRequired("RuleName"))
}
if s.RuleName != nil && len(*s.RuleName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("RuleName", 1))
}
if s.Filter != nil {
for i, v := range s.Filter {
if v == nil {
continue
}
if err := v.Validate(); err != nil {
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filter", i), err.(request.ErrInvalidParams))
}
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerName sets the AnalyzerName field's value.
func (s *UpdateArchiveRuleInput) SetAnalyzerName(v string) *UpdateArchiveRuleInput {
s.AnalyzerName = &v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *UpdateArchiveRuleInput) SetClientToken(v string) *UpdateArchiveRuleInput {
s.ClientToken = &v
return s
}
// SetFilter sets the Filter field's value.
func (s *UpdateArchiveRuleInput) SetFilter(v map[string]*Criterion) *UpdateArchiveRuleInput {
s.Filter = v
return s
}
// SetRuleName sets the RuleName field's value.
func (s *UpdateArchiveRuleInput) SetRuleName(v string) *UpdateArchiveRuleInput {
s.RuleName = &v
return s
}
type UpdateArchiveRuleOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateArchiveRuleOutput) GoString() string {
return s.String()
}
// Updates findings with the new values provided in the request.
type UpdateFindingsInput struct {
_ struct{} `type:"structure"`
// The ARN of the analyzer (https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-getting-started.html#permission-resources)
// that generated the findings to update.
//
// AnalyzerArn is a required field
AnalyzerArn *string `locationName:"analyzerArn" type:"string" required:"true"`
// A client token.
ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"`
// The IDs of the findings to update.
Ids []*string `locationName:"ids" type:"list"`
// The ARN of the resource identified in the finding.
ResourceArn *string `locationName:"resourceArn" type:"string"`
// The state represents the action to take to update the finding Status. Use
// ARCHIVE to change an Active finding to an Archived finding. Use ACTIVE to
// change an Archived finding to an Active finding.
//
// Status is a required field
Status *string `locationName:"status" type:"string" required:"true" enum:"FindingStatusUpdate"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateFindingsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "UpdateFindingsInput"}
if s.AnalyzerArn == nil {
invalidParams.Add(request.NewErrParamRequired("AnalyzerArn"))
}
if s.Status == nil {
invalidParams.Add(request.NewErrParamRequired("Status"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAnalyzerArn sets the AnalyzerArn field's value.
func (s *UpdateFindingsInput) SetAnalyzerArn(v string) *UpdateFindingsInput {
s.AnalyzerArn = &v
return s
}
// SetClientToken sets the ClientToken field's value.
func (s *UpdateFindingsInput) SetClientToken(v string) *UpdateFindingsInput {
s.ClientToken = &v
return s
}
// SetIds sets the Ids field's value.
func (s *UpdateFindingsInput) SetIds(v []*string) *UpdateFindingsInput {
s.Ids = v
return s
}
// SetResourceArn sets the ResourceArn field's value.
func (s *UpdateFindingsInput) SetResourceArn(v string) *UpdateFindingsInput {
s.ResourceArn = &v
return s
}
// SetStatus sets the Status field's value.
func (s *UpdateFindingsInput) SetStatus(v string) *UpdateFindingsInput {
s.Status = &v
return s
}
type UpdateFindingsOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s UpdateFindingsOutput) GoString() string {
return s.String()
}
// A finding in a policy. Each finding is an actionable recommendation that
// can be used to improve the policy.
type ValidatePolicyFinding struct {
_ struct{} `type:"structure"`
// A localized message that explains the finding and provides guidance on how
// to address it.
//
// FindingDetails is a required field
FindingDetails *string `locationName:"findingDetails" type:"string" required:"true"`
// The impact of the finding.
//
// Security warnings report when the policy allows access that we consider overly
// permissive.
//
// Errors report when a part of the policy is not functional.
//
// Warnings report non-security issues when a policy does not conform to policy
// writing best practices.
//
// Suggestions recommend stylistic improvements in the policy that do not impact
// access.
//
// FindingType is a required field
FindingType *string `locationName:"findingType" type:"string" required:"true" enum:"ValidatePolicyFindingType"`
// The issue code provides an identifier of the issue associated with this finding.
//
// IssueCode is a required field
IssueCode *string `locationName:"issueCode" type:"string" required:"true"`
// A link to additional documentation about the type of finding.
//
// LearnMoreLink is a required field
LearnMoreLink *string `locationName:"learnMoreLink" type:"string" required:"true"`
// The list of locations in the policy document that are related to the finding.
// The issue code provides a summary of an issue identified by the finding.
//
// Locations is a required field
Locations []*Location `locationName:"locations" type:"list" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyFinding) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyFinding) GoString() string {
return s.String()
}
// SetFindingDetails sets the FindingDetails field's value.
func (s *ValidatePolicyFinding) SetFindingDetails(v string) *ValidatePolicyFinding {
s.FindingDetails = &v
return s
}
// SetFindingType sets the FindingType field's value.
func (s *ValidatePolicyFinding) SetFindingType(v string) *ValidatePolicyFinding {
s.FindingType = &v
return s
}
// SetIssueCode sets the IssueCode field's value.
func (s *ValidatePolicyFinding) SetIssueCode(v string) *ValidatePolicyFinding {
s.IssueCode = &v
return s
}
// SetLearnMoreLink sets the LearnMoreLink field's value.
func (s *ValidatePolicyFinding) SetLearnMoreLink(v string) *ValidatePolicyFinding {
s.LearnMoreLink = &v
return s
}
// SetLocations sets the Locations field's value.
func (s *ValidatePolicyFinding) SetLocations(v []*Location) *ValidatePolicyFinding {
s.Locations = v
return s
}
type ValidatePolicyInput struct {
_ struct{} `type:"structure"`
// The locale to use for localizing the findings.
Locale *string `locationName:"locale" type:"string" enum:"Locale"`
// The maximum number of results to return in the response.
MaxResults *int64 `location:"querystring" locationName:"maxResults" type:"integer"`
// A token used for pagination of results returned.
NextToken *string `location:"querystring" locationName:"nextToken" type:"string"`
// The JSON policy document to use as the content for the policy.
//
// PolicyDocument is a required field
PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true"`
// The type of policy to validate. Identity policies grant permissions to IAM
// principals. Identity policies include managed and inline policies for IAM
// roles, users, and groups.
//
// Resource policies grant permissions on Amazon Web Services resources. Resource
// policies include trust policies for IAM roles and bucket policies for Amazon
// S3 buckets. You can provide a generic input such as identity policy or resource
// policy or a specific input such as managed policy or Amazon S3 bucket policy.
//
// Service control policies (SCPs) are a type of organization policy attached
// to an Amazon Web Services organization, organizational unit (OU), or an account.
//
// PolicyType is a required field
PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`
// The type of resource to attach to your resource policy. Specify a value for
// the policy validation resource type only if the policy type is RESOURCE_POLICY.
// For example, to validate a resource policy to attach to an Amazon S3 bucket,
// you can choose AWS::S3::Bucket for the policy validation resource type.
//
// For resource types not supported as valid values, IAM Access Analyzer runs
// policy checks that apply to all resource policies. For example, to validate
// a resource policy to attach to a KMS key, do not specify a value for the
// policy validation resource type and IAM Access Analyzer will run policy checks
// that apply to all resource policies.
ValidatePolicyResourceType *string `locationName:"validatePolicyResourceType" type:"string" enum:"ValidatePolicyResourceType"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ValidatePolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ValidatePolicyInput"}
if s.PolicyDocument == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyDocument"))
}
if s.PolicyType == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyType"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetLocale sets the Locale field's value.
func (s *ValidatePolicyInput) SetLocale(v string) *ValidatePolicyInput {
s.Locale = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ValidatePolicyInput) SetMaxResults(v int64) *ValidatePolicyInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ValidatePolicyInput) SetNextToken(v string) *ValidatePolicyInput {
s.NextToken = &v
return s
}
// SetPolicyDocument sets the PolicyDocument field's value.
func (s *ValidatePolicyInput) SetPolicyDocument(v string) *ValidatePolicyInput {
s.PolicyDocument = &v
return s
}
// SetPolicyType sets the PolicyType field's value.
func (s *ValidatePolicyInput) SetPolicyType(v string) *ValidatePolicyInput {
s.PolicyType = &v
return s
}
// SetValidatePolicyResourceType sets the ValidatePolicyResourceType field's value.
func (s *ValidatePolicyInput) SetValidatePolicyResourceType(v string) *ValidatePolicyInput {
s.ValidatePolicyResourceType = &v
return s
}
type ValidatePolicyOutput struct {
_ struct{} `type:"structure"`
// The list of findings in a policy returned by IAM Access Analyzer based on
// its suite of policy checks.
//
// Findings is a required field
Findings []*ValidatePolicyFinding `locationName:"findings" type:"list" required:"true"`
// A token used for pagination of results returned.
NextToken *string `locationName:"nextToken" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidatePolicyOutput) GoString() string {
return s.String()
}
// SetFindings sets the Findings field's value.
func (s *ValidatePolicyOutput) SetFindings(v []*ValidatePolicyFinding) *ValidatePolicyOutput {
s.Findings = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ValidatePolicyOutput) SetNextToken(v string) *ValidatePolicyOutput {
s.NextToken = &v
return s
}
// Validation exception error.
type ValidationException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
// A list of fields that didn't validate.
FieldList []*ValidationExceptionField `locationName:"fieldList" type:"list"`
Message_ *string `locationName:"message" type:"string"`
// The reason for the exception.
//
// Reason is a required field
Reason *string `locationName:"reason" type:"string" required:"true" enum:"ValidationExceptionReason"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationException) GoString() string {
return s.String()
}
func newErrorValidationException(v protocol.ResponseMetadata) error {
return &ValidationException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *ValidationException) Code() string {
return "ValidationException"
}
// Message returns the exception's message.
func (s *ValidationException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *ValidationException) OrigErr() error {
return nil
}
func (s *ValidationException) Error() string {
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}
// Status code returns the HTTP status code for the request's response error.
func (s *ValidationException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *ValidationException) RequestID() string {
return s.RespMetadata.RequestID
}
// Contains information about a validation exception.
type ValidationExceptionField struct {
_ struct{} `type:"structure"`
// A message about the validation exception.
//
// Message is a required field
Message *string `locationName:"message" type:"string" required:"true"`
// The name of the validation exception.
//
// Name is a required field
Name *string `locationName:"name" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationExceptionField) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s ValidationExceptionField) GoString() string {
return s.String()
}
// SetMessage sets the Message field's value.
func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField {
s.Message = &v
return s
}
// SetName sets the Name field's value.
func (s *ValidationExceptionField) SetName(v string) *ValidationExceptionField {
s.Name = &v
return s
}
// The proposed virtual private cloud (VPC) configuration for the Amazon S3
// access point. VPC configuration does not apply to multi-region access points.
// For more information, see VpcConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_VpcConfiguration.html).
type VpcConfiguration struct {
_ struct{} `type:"structure"`
// If this field is specified, this access point will only allow connections
// from the specified VPC ID.
//
// VpcId is a required field
VpcId *string `locationName:"vpcId" type:"string" required:"true"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VpcConfiguration) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s VpcConfiguration) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *VpcConfiguration) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "VpcConfiguration"}
if s.VpcId == nil {
invalidParams.Add(request.NewErrParamRequired("VpcId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetVpcId sets the VpcId field's value.
func (s *VpcConfiguration) SetVpcId(v string) *VpcConfiguration {
s.VpcId = &v
return s
}
const (
// AccessCheckPolicyTypeIdentityPolicy is a AccessCheckPolicyType enum value
AccessCheckPolicyTypeIdentityPolicy = "IDENTITY_POLICY"
// AccessCheckPolicyTypeResourcePolicy is a AccessCheckPolicyType enum value
AccessCheckPolicyTypeResourcePolicy = "RESOURCE_POLICY"
)
// AccessCheckPolicyType_Values returns all elements of the AccessCheckPolicyType enum
func AccessCheckPolicyType_Values() []string {
return []string{
AccessCheckPolicyTypeIdentityPolicy,
AccessCheckPolicyTypeResourcePolicy,
}
}
const (
// AccessCheckResourceTypeAwsDynamoDbTable is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsDynamoDbTable = "AWS::DynamoDB::Table"
// AccessCheckResourceTypeAwsDynamoDbStream is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsDynamoDbStream = "AWS::DynamoDB::Stream"
// AccessCheckResourceTypeAwsEfsFileSystem is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsEfsFileSystem = "AWS::EFS::FileSystem"
// AccessCheckResourceTypeAwsOpenSearchServiceDomain is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsOpenSearchServiceDomain = "AWS::OpenSearchService::Domain"
// AccessCheckResourceTypeAwsKinesisStream is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsKinesisStream = "AWS::Kinesis::Stream"
// AccessCheckResourceTypeAwsKinesisStreamConsumer is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsKinesisStreamConsumer = "AWS::Kinesis::StreamConsumer"
// AccessCheckResourceTypeAwsKmsKey is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsKmsKey = "AWS::KMS::Key"
// AccessCheckResourceTypeAwsLambdaFunction is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsLambdaFunction = "AWS::Lambda::Function"
// AccessCheckResourceTypeAwsS3Bucket is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsS3Bucket = "AWS::S3::Bucket"
// AccessCheckResourceTypeAwsS3AccessPoint is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsS3AccessPoint = "AWS::S3::AccessPoint"
// AccessCheckResourceTypeAwsS3expressDirectoryBucket is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsS3expressDirectoryBucket = "AWS::S3Express::DirectoryBucket"
// AccessCheckResourceTypeAwsS3Glacier is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsS3Glacier = "AWS::S3::Glacier"
// AccessCheckResourceTypeAwsS3outpostsBucket is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsS3outpostsBucket = "AWS::S3Outposts::Bucket"
// AccessCheckResourceTypeAwsS3outpostsAccessPoint is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsS3outpostsAccessPoint = "AWS::S3Outposts::AccessPoint"
// AccessCheckResourceTypeAwsSecretsManagerSecret is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsSecretsManagerSecret = "AWS::SecretsManager::Secret"
// AccessCheckResourceTypeAwsSnsTopic is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsSnsTopic = "AWS::SNS::Topic"
// AccessCheckResourceTypeAwsSqsQueue is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsSqsQueue = "AWS::SQS::Queue"
// AccessCheckResourceTypeAwsIamAssumeRolePolicyDocument is a AccessCheckResourceType enum value
AccessCheckResourceTypeAwsIamAssumeRolePolicyDocument = "AWS::IAM::AssumeRolePolicyDocument"
)
// AccessCheckResourceType_Values returns all elements of the AccessCheckResourceType enum
func AccessCheckResourceType_Values() []string {
return []string{
AccessCheckResourceTypeAwsDynamoDbTable,
AccessCheckResourceTypeAwsDynamoDbStream,
AccessCheckResourceTypeAwsEfsFileSystem,
AccessCheckResourceTypeAwsOpenSearchServiceDomain,
AccessCheckResourceTypeAwsKinesisStream,
AccessCheckResourceTypeAwsKinesisStreamConsumer,
AccessCheckResourceTypeAwsKmsKey,
AccessCheckResourceTypeAwsLambdaFunction,
AccessCheckResourceTypeAwsS3Bucket,
AccessCheckResourceTypeAwsS3AccessPoint,
AccessCheckResourceTypeAwsS3expressDirectoryBucket,
AccessCheckResourceTypeAwsS3Glacier,
AccessCheckResourceTypeAwsS3outpostsBucket,
AccessCheckResourceTypeAwsS3outpostsAccessPoint,
AccessCheckResourceTypeAwsSecretsManagerSecret,
AccessCheckResourceTypeAwsSnsTopic,
AccessCheckResourceTypeAwsSqsQueue,
AccessCheckResourceTypeAwsIamAssumeRolePolicyDocument,
}
}
const (
// AccessPreviewStatusCompleted is a AccessPreviewStatus enum value
AccessPreviewStatusCompleted = "COMPLETED"
// AccessPreviewStatusCreating is a AccessPreviewStatus enum value
AccessPreviewStatusCreating = "CREATING"
// AccessPreviewStatusFailed is a AccessPreviewStatus enum value
AccessPreviewStatusFailed = "FAILED"
)
// AccessPreviewStatus_Values returns all elements of the AccessPreviewStatus enum
func AccessPreviewStatus_Values() []string {
return []string{
AccessPreviewStatusCompleted,
AccessPreviewStatusCreating,
AccessPreviewStatusFailed,
}
}
const (
// AccessPreviewStatusReasonCodeInternalError is a AccessPreviewStatusReasonCode enum value
AccessPreviewStatusReasonCodeInternalError = "INTERNAL_ERROR"
// AccessPreviewStatusReasonCodeInvalidConfiguration is a AccessPreviewStatusReasonCode enum value
AccessPreviewStatusReasonCodeInvalidConfiguration = "INVALID_CONFIGURATION"
)
// AccessPreviewStatusReasonCode_Values returns all elements of the AccessPreviewStatusReasonCode enum
func AccessPreviewStatusReasonCode_Values() []string {
return []string{
AccessPreviewStatusReasonCodeInternalError,
AccessPreviewStatusReasonCodeInvalidConfiguration,
}
}
const (
// AclPermissionRead is a AclPermission enum value
AclPermissionRead = "READ"
// AclPermissionWrite is a AclPermission enum value
AclPermissionWrite = "WRITE"
// AclPermissionReadAcp is a AclPermission enum value
AclPermissionReadAcp = "READ_ACP"
// AclPermissionWriteAcp is a AclPermission enum value
AclPermissionWriteAcp = "WRITE_ACP"
// AclPermissionFullControl is a AclPermission enum value
AclPermissionFullControl = "FULL_CONTROL"
)
// AclPermission_Values returns all elements of the AclPermission enum
func AclPermission_Values() []string {
return []string{
AclPermissionRead,
AclPermissionWrite,
AclPermissionReadAcp,
AclPermissionWriteAcp,
AclPermissionFullControl,
}
}
const (
// AnalyzerStatusActive is a AnalyzerStatus enum value
AnalyzerStatusActive = "ACTIVE"
// AnalyzerStatusCreating is a AnalyzerStatus enum value
AnalyzerStatusCreating = "CREATING"
// AnalyzerStatusDisabled is a AnalyzerStatus enum value
AnalyzerStatusDisabled = "DISABLED"
// AnalyzerStatusFailed is a AnalyzerStatus enum value
AnalyzerStatusFailed = "FAILED"
)
// AnalyzerStatus_Values returns all elements of the AnalyzerStatus enum
func AnalyzerStatus_Values() []string {
return []string{
AnalyzerStatusActive,
AnalyzerStatusCreating,
AnalyzerStatusDisabled,
AnalyzerStatusFailed,
}
}
const (
// CheckAccessNotGrantedResultPass is a CheckAccessNotGrantedResult enum value
CheckAccessNotGrantedResultPass = "PASS"
// CheckAccessNotGrantedResultFail is a CheckAccessNotGrantedResult enum value
CheckAccessNotGrantedResultFail = "FAIL"
)
// CheckAccessNotGrantedResult_Values returns all elements of the CheckAccessNotGrantedResult enum
func CheckAccessNotGrantedResult_Values() []string {
return []string{
CheckAccessNotGrantedResultPass,
CheckAccessNotGrantedResultFail,
}
}
const (
// CheckNoNewAccessResultPass is a CheckNoNewAccessResult enum value
CheckNoNewAccessResultPass = "PASS"
// CheckNoNewAccessResultFail is a CheckNoNewAccessResult enum value
CheckNoNewAccessResultFail = "FAIL"
)
// CheckNoNewAccessResult_Values returns all elements of the CheckNoNewAccessResult enum
func CheckNoNewAccessResult_Values() []string {
return []string{
CheckNoNewAccessResultPass,
CheckNoNewAccessResultFail,
}
}
const (
// CheckNoPublicAccessResultPass is a CheckNoPublicAccessResult enum value
CheckNoPublicAccessResultPass = "PASS"
// CheckNoPublicAccessResultFail is a CheckNoPublicAccessResult enum value
CheckNoPublicAccessResultFail = "FAIL"
)
// CheckNoPublicAccessResult_Values returns all elements of the CheckNoPublicAccessResult enum
func CheckNoPublicAccessResult_Values() []string {
return []string{
CheckNoPublicAccessResultPass,
CheckNoPublicAccessResultFail,
}
}
const (
// FindingChangeTypeChanged is a FindingChangeType enum value
FindingChangeTypeChanged = "CHANGED"
// FindingChangeTypeNew is a FindingChangeType enum value
FindingChangeTypeNew = "NEW"
// FindingChangeTypeUnchanged is a FindingChangeType enum value
FindingChangeTypeUnchanged = "UNCHANGED"
)
// FindingChangeType_Values returns all elements of the FindingChangeType enum
func FindingChangeType_Values() []string {
return []string{
FindingChangeTypeChanged,
FindingChangeTypeNew,
FindingChangeTypeUnchanged,
}
}
const (
// FindingSourceTypePolicy is a FindingSourceType enum value
FindingSourceTypePolicy = "POLICY"
// FindingSourceTypeBucketAcl is a FindingSourceType enum value
FindingSourceTypeBucketAcl = "BUCKET_ACL"
// FindingSourceTypeS3AccessPoint is a FindingSourceType enum value
FindingSourceTypeS3AccessPoint = "S3_ACCESS_POINT"
// FindingSourceTypeS3AccessPointAccount is a FindingSourceType enum value
FindingSourceTypeS3AccessPointAccount = "S3_ACCESS_POINT_ACCOUNT"
)
// FindingSourceType_Values returns all elements of the FindingSourceType enum
func FindingSourceType_Values() []string {
return []string{
FindingSourceTypePolicy,
FindingSourceTypeBucketAcl,
FindingSourceTypeS3AccessPoint,
FindingSourceTypeS3AccessPointAccount,
}
}
const (
// FindingStatusActive is a FindingStatus enum value
FindingStatusActive = "ACTIVE"
// FindingStatusArchived is a FindingStatus enum value
FindingStatusArchived = "ARCHIVED"
// FindingStatusResolved is a FindingStatus enum value
FindingStatusResolved = "RESOLVED"
)
// FindingStatus_Values returns all elements of the FindingStatus enum
func FindingStatus_Values() []string {
return []string{
FindingStatusActive,
FindingStatusArchived,
FindingStatusResolved,
}
}
const (
// FindingStatusUpdateActive is a FindingStatusUpdate enum value
FindingStatusUpdateActive = "ACTIVE"
// FindingStatusUpdateArchived is a FindingStatusUpdate enum value
FindingStatusUpdateArchived = "ARCHIVED"
)
// FindingStatusUpdate_Values returns all elements of the FindingStatusUpdate enum
func FindingStatusUpdate_Values() []string {
return []string{
FindingStatusUpdateActive,
FindingStatusUpdateArchived,
}
}
const (
// FindingTypeExternalAccess is a FindingType enum value
FindingTypeExternalAccess = "ExternalAccess"
// FindingTypeUnusedIamrole is a FindingType enum value
FindingTypeUnusedIamrole = "UnusedIAMRole"
// FindingTypeUnusedIamuserAccessKey is a FindingType enum value
FindingTypeUnusedIamuserAccessKey = "UnusedIAMUserAccessKey"
// FindingTypeUnusedIamuserPassword is a FindingType enum value
FindingTypeUnusedIamuserPassword = "UnusedIAMUserPassword"
// FindingTypeUnusedPermission is a FindingType enum value
FindingTypeUnusedPermission = "UnusedPermission"
)
// FindingType_Values returns all elements of the FindingType enum
func FindingType_Values() []string {
return []string{
FindingTypeExternalAccess,
FindingTypeUnusedIamrole,
FindingTypeUnusedIamuserAccessKey,
FindingTypeUnusedIamuserPassword,
FindingTypeUnusedPermission,
}
}
const (
// JobErrorCodeAuthorizationError is a JobErrorCode enum value
JobErrorCodeAuthorizationError = "AUTHORIZATION_ERROR"
// JobErrorCodeResourceNotFoundError is a JobErrorCode enum value
JobErrorCodeResourceNotFoundError = "RESOURCE_NOT_FOUND_ERROR"
// JobErrorCodeServiceQuotaExceededError is a JobErrorCode enum value
JobErrorCodeServiceQuotaExceededError = "SERVICE_QUOTA_EXCEEDED_ERROR"
// JobErrorCodeServiceError is a JobErrorCode enum value
JobErrorCodeServiceError = "SERVICE_ERROR"
)
// JobErrorCode_Values returns all elements of the JobErrorCode enum
func JobErrorCode_Values() []string {
return []string{
JobErrorCodeAuthorizationError,
JobErrorCodeResourceNotFoundError,
JobErrorCodeServiceQuotaExceededError,
JobErrorCodeServiceError,
}
}
const (
// JobStatusInProgress is a JobStatus enum value
JobStatusInProgress = "IN_PROGRESS"
// JobStatusSucceeded is a JobStatus enum value
JobStatusSucceeded = "SUCCEEDED"
// JobStatusFailed is a JobStatus enum value
JobStatusFailed = "FAILED"
// JobStatusCanceled is a JobStatus enum value
JobStatusCanceled = "CANCELED"
)
// JobStatus_Values returns all elements of the JobStatus enum
func JobStatus_Values() []string {
return []string{
JobStatusInProgress,
JobStatusSucceeded,
JobStatusFailed,
JobStatusCanceled,
}
}
const (
// KmsGrantOperationCreateGrant is a KmsGrantOperation enum value
KmsGrantOperationCreateGrant = "CreateGrant"
// KmsGrantOperationDecrypt is a KmsGrantOperation enum value
KmsGrantOperationDecrypt = "Decrypt"
// KmsGrantOperationDescribeKey is a KmsGrantOperation enum value
KmsGrantOperationDescribeKey = "DescribeKey"
// KmsGrantOperationEncrypt is a KmsGrantOperation enum value
KmsGrantOperationEncrypt = "Encrypt"
// KmsGrantOperationGenerateDataKey is a KmsGrantOperation enum value
KmsGrantOperationGenerateDataKey = "GenerateDataKey"
// KmsGrantOperationGenerateDataKeyPair is a KmsGrantOperation enum value
KmsGrantOperationGenerateDataKeyPair = "GenerateDataKeyPair"
// KmsGrantOperationGenerateDataKeyPairWithoutPlaintext is a KmsGrantOperation enum value
KmsGrantOperationGenerateDataKeyPairWithoutPlaintext = "GenerateDataKeyPairWithoutPlaintext"
// KmsGrantOperationGenerateDataKeyWithoutPlaintext is a KmsGrantOperation enum value
KmsGrantOperationGenerateDataKeyWithoutPlaintext = "GenerateDataKeyWithoutPlaintext"
// KmsGrantOperationGetPublicKey is a KmsGrantOperation enum value
KmsGrantOperationGetPublicKey = "GetPublicKey"
// KmsGrantOperationReEncryptFrom is a KmsGrantOperation enum value
KmsGrantOperationReEncryptFrom = "ReEncryptFrom"
// KmsGrantOperationReEncryptTo is a KmsGrantOperation enum value
KmsGrantOperationReEncryptTo = "ReEncryptTo"
// KmsGrantOperationRetireGrant is a KmsGrantOperation enum value
KmsGrantOperationRetireGrant = "RetireGrant"
// KmsGrantOperationSign is a KmsGrantOperation enum value
KmsGrantOperationSign = "Sign"
// KmsGrantOperationVerify is a KmsGrantOperation enum value
KmsGrantOperationVerify = "Verify"
)
// KmsGrantOperation_Values returns all elements of the KmsGrantOperation enum
func KmsGrantOperation_Values() []string {
return []string{
KmsGrantOperationCreateGrant,
KmsGrantOperationDecrypt,
KmsGrantOperationDescribeKey,
KmsGrantOperationEncrypt,
KmsGrantOperationGenerateDataKey,
KmsGrantOperationGenerateDataKeyPair,
KmsGrantOperationGenerateDataKeyPairWithoutPlaintext,
KmsGrantOperationGenerateDataKeyWithoutPlaintext,
KmsGrantOperationGetPublicKey,
KmsGrantOperationReEncryptFrom,
KmsGrantOperationReEncryptTo,
KmsGrantOperationRetireGrant,
KmsGrantOperationSign,
KmsGrantOperationVerify,
}
}
const (
// LocaleDe is a Locale enum value
LocaleDe = "DE"
// LocaleEn is a Locale enum value
LocaleEn = "EN"
// LocaleEs is a Locale enum value
LocaleEs = "ES"
// LocaleFr is a Locale enum value
LocaleFr = "FR"
// LocaleIt is a Locale enum value
LocaleIt = "IT"
// LocaleJa is a Locale enum value
LocaleJa = "JA"
// LocaleKo is a Locale enum value
LocaleKo = "KO"
// LocalePtBr is a Locale enum value
LocalePtBr = "PT_BR"
// LocaleZhCn is a Locale enum value
LocaleZhCn = "ZH_CN"
// LocaleZhTw is a Locale enum value
LocaleZhTw = "ZH_TW"
)
// Locale_Values returns all elements of the Locale enum
func Locale_Values() []string {
return []string{
LocaleDe,
LocaleEn,
LocaleEs,
LocaleFr,
LocaleIt,
LocaleJa,
LocaleKo,
LocalePtBr,
LocaleZhCn,
LocaleZhTw,
}
}
const (
// OrderByAsc is a OrderBy enum value
OrderByAsc = "ASC"
// OrderByDesc is a OrderBy enum value
OrderByDesc = "DESC"
)
// OrderBy_Values returns all elements of the OrderBy enum
func OrderBy_Values() []string {
return []string{
OrderByAsc,
OrderByDesc,
}
}
const (
// PolicyTypeIdentityPolicy is a PolicyType enum value
PolicyTypeIdentityPolicy = "IDENTITY_POLICY"
// PolicyTypeResourcePolicy is a PolicyType enum value
PolicyTypeResourcePolicy = "RESOURCE_POLICY"
// PolicyTypeServiceControlPolicy is a PolicyType enum value
PolicyTypeServiceControlPolicy = "SERVICE_CONTROL_POLICY"
)
// PolicyType_Values returns all elements of the PolicyType enum
func PolicyType_Values() []string {
return []string{
PolicyTypeIdentityPolicy,
PolicyTypeResourcePolicy,
PolicyTypeServiceControlPolicy,
}
}
const (
// ReasonCodeAwsServiceAccessDisabled is a ReasonCode enum value
ReasonCodeAwsServiceAccessDisabled = "AWS_SERVICE_ACCESS_DISABLED"
// ReasonCodeDelegatedAdministratorDeregistered is a ReasonCode enum value
ReasonCodeDelegatedAdministratorDeregistered = "DELEGATED_ADMINISTRATOR_DEREGISTERED"
// ReasonCodeOrganizationDeleted is a ReasonCode enum value
ReasonCodeOrganizationDeleted = "ORGANIZATION_DELETED"
// ReasonCodeServiceLinkedRoleCreationFailed is a ReasonCode enum value
ReasonCodeServiceLinkedRoleCreationFailed = "SERVICE_LINKED_ROLE_CREATION_FAILED"
)
// ReasonCode_Values returns all elements of the ReasonCode enum
func ReasonCode_Values() []string {
return []string{
ReasonCodeAwsServiceAccessDisabled,
ReasonCodeDelegatedAdministratorDeregistered,
ReasonCodeOrganizationDeleted,
ReasonCodeServiceLinkedRoleCreationFailed,
}
}
const (
// RecommendationTypeUnusedPermissionRecommendation is a RecommendationType enum value
RecommendationTypeUnusedPermissionRecommendation = "UnusedPermissionRecommendation"
)
// RecommendationType_Values returns all elements of the RecommendationType enum
func RecommendationType_Values() []string {
return []string{
RecommendationTypeUnusedPermissionRecommendation,
}
}
const (
// RecommendedRemediationActionCreatePolicy is a RecommendedRemediationAction enum value
RecommendedRemediationActionCreatePolicy = "CREATE_POLICY"
// RecommendedRemediationActionDetachPolicy is a RecommendedRemediationAction enum value
RecommendedRemediationActionDetachPolicy = "DETACH_POLICY"
)
// RecommendedRemediationAction_Values returns all elements of the RecommendedRemediationAction enum
func RecommendedRemediationAction_Values() []string {
return []string{
RecommendedRemediationActionCreatePolicy,
RecommendedRemediationActionDetachPolicy,
}
}
const (
// ResourceTypeAwsS3Bucket is a ResourceType enum value
ResourceTypeAwsS3Bucket = "AWS::S3::Bucket"
// ResourceTypeAwsIamRole is a ResourceType enum value
ResourceTypeAwsIamRole = "AWS::IAM::Role"
// ResourceTypeAwsSqsQueue is a ResourceType enum value
ResourceTypeAwsSqsQueue = "AWS::SQS::Queue"
// ResourceTypeAwsLambdaFunction is a ResourceType enum value
ResourceTypeAwsLambdaFunction = "AWS::Lambda::Function"
// ResourceTypeAwsLambdaLayerVersion is a ResourceType enum value
ResourceTypeAwsLambdaLayerVersion = "AWS::Lambda::LayerVersion"
// ResourceTypeAwsKmsKey is a ResourceType enum value
ResourceTypeAwsKmsKey = "AWS::KMS::Key"
// ResourceTypeAwsSecretsManagerSecret is a ResourceType enum value
ResourceTypeAwsSecretsManagerSecret = "AWS::SecretsManager::Secret"
// ResourceTypeAwsEfsFileSystem is a ResourceType enum value
ResourceTypeAwsEfsFileSystem = "AWS::EFS::FileSystem"
// ResourceTypeAwsEc2Snapshot is a ResourceType enum value
ResourceTypeAwsEc2Snapshot = "AWS::EC2::Snapshot"
// ResourceTypeAwsEcrRepository is a ResourceType enum value
ResourceTypeAwsEcrRepository = "AWS::ECR::Repository"
// ResourceTypeAwsRdsDbsnapshot is a ResourceType enum value
ResourceTypeAwsRdsDbsnapshot = "AWS::RDS::DBSnapshot"
// ResourceTypeAwsRdsDbclusterSnapshot is a ResourceType enum value
ResourceTypeAwsRdsDbclusterSnapshot = "AWS::RDS::DBClusterSnapshot"
// ResourceTypeAwsSnsTopic is a ResourceType enum value
ResourceTypeAwsSnsTopic = "AWS::SNS::Topic"
// ResourceTypeAwsS3expressDirectoryBucket is a ResourceType enum value
ResourceTypeAwsS3expressDirectoryBucket = "AWS::S3Express::DirectoryBucket"
// ResourceTypeAwsDynamoDbTable is a ResourceType enum value
ResourceTypeAwsDynamoDbTable = "AWS::DynamoDB::Table"
// ResourceTypeAwsDynamoDbStream is a ResourceType enum value
ResourceTypeAwsDynamoDbStream = "AWS::DynamoDB::Stream"
)
// ResourceType_Values returns all elements of the ResourceType enum
func ResourceType_Values() []string {
return []string{
ResourceTypeAwsS3Bucket,
ResourceTypeAwsIamRole,
ResourceTypeAwsSqsQueue,
ResourceTypeAwsLambdaFunction,
ResourceTypeAwsLambdaLayerVersion,
ResourceTypeAwsKmsKey,
ResourceTypeAwsSecretsManagerSecret,
ResourceTypeAwsEfsFileSystem,
ResourceTypeAwsEc2Snapshot,
ResourceTypeAwsEcrRepository,
ResourceTypeAwsRdsDbsnapshot,
ResourceTypeAwsRdsDbclusterSnapshot,
ResourceTypeAwsSnsTopic,
ResourceTypeAwsS3expressDirectoryBucket,
ResourceTypeAwsDynamoDbTable,
ResourceTypeAwsDynamoDbStream,
}
}
const (
// StatusSucceeded is a Status enum value
StatusSucceeded = "SUCCEEDED"
// StatusFailed is a Status enum value
StatusFailed = "FAILED"
// StatusInProgress is a Status enum value
StatusInProgress = "IN_PROGRESS"
)
// Status_Values returns all elements of the Status enum
func Status_Values() []string {
return []string{
StatusSucceeded,
StatusFailed,
StatusInProgress,
}
}
const (
// TypeAccount is a Type enum value
TypeAccount = "ACCOUNT"
// TypeOrganization is a Type enum value
TypeOrganization = "ORGANIZATION"
// TypeAccountUnusedAccess is a Type enum value
TypeAccountUnusedAccess = "ACCOUNT_UNUSED_ACCESS"
// TypeOrganizationUnusedAccess is a Type enum value
TypeOrganizationUnusedAccess = "ORGANIZATION_UNUSED_ACCESS"
)
// Type_Values returns all elements of the Type enum
func Type_Values() []string {
return []string{
TypeAccount,
TypeOrganization,
TypeAccountUnusedAccess,
TypeOrganizationUnusedAccess,
}
}
const (
// ValidatePolicyFindingTypeError is a ValidatePolicyFindingType enum value
ValidatePolicyFindingTypeError = "ERROR"
// ValidatePolicyFindingTypeSecurityWarning is a ValidatePolicyFindingType enum value
ValidatePolicyFindingTypeSecurityWarning = "SECURITY_WARNING"
// ValidatePolicyFindingTypeSuggestion is a ValidatePolicyFindingType enum value
ValidatePolicyFindingTypeSuggestion = "SUGGESTION"
// ValidatePolicyFindingTypeWarning is a ValidatePolicyFindingType enum value
ValidatePolicyFindingTypeWarning = "WARNING"
)
// ValidatePolicyFindingType_Values returns all elements of the ValidatePolicyFindingType enum
func ValidatePolicyFindingType_Values() []string {
return []string{
ValidatePolicyFindingTypeError,
ValidatePolicyFindingTypeSecurityWarning,
ValidatePolicyFindingTypeSuggestion,
ValidatePolicyFindingTypeWarning,
}
}
const (
// ValidatePolicyResourceTypeAwsS3Bucket is a ValidatePolicyResourceType enum value
ValidatePolicyResourceTypeAwsS3Bucket = "AWS::S3::Bucket"
// ValidatePolicyResourceTypeAwsS3AccessPoint is a ValidatePolicyResourceType enum value
ValidatePolicyResourceTypeAwsS3AccessPoint = "AWS::S3::AccessPoint"
// ValidatePolicyResourceTypeAwsS3MultiRegionAccessPoint is a ValidatePolicyResourceType enum value
ValidatePolicyResourceTypeAwsS3MultiRegionAccessPoint = "AWS::S3::MultiRegionAccessPoint"
// ValidatePolicyResourceTypeAwsS3objectLambdaAccessPoint is a ValidatePolicyResourceType enum value
ValidatePolicyResourceTypeAwsS3objectLambdaAccessPoint = "AWS::S3ObjectLambda::AccessPoint"
// ValidatePolicyResourceTypeAwsIamAssumeRolePolicyDocument is a ValidatePolicyResourceType enum value
ValidatePolicyResourceTypeAwsIamAssumeRolePolicyDocument = "AWS::IAM::AssumeRolePolicyDocument"
// ValidatePolicyResourceTypeAwsDynamoDbTable is a ValidatePolicyResourceType enum value
ValidatePolicyResourceTypeAwsDynamoDbTable = "AWS::DynamoDB::Table"
)
// ValidatePolicyResourceType_Values returns all elements of the ValidatePolicyResourceType enum
func ValidatePolicyResourceType_Values() []string {
return []string{
ValidatePolicyResourceTypeAwsS3Bucket,
ValidatePolicyResourceTypeAwsS3AccessPoint,
ValidatePolicyResourceTypeAwsS3MultiRegionAccessPoint,
ValidatePolicyResourceTypeAwsS3objectLambdaAccessPoint,
ValidatePolicyResourceTypeAwsIamAssumeRolePolicyDocument,
ValidatePolicyResourceTypeAwsDynamoDbTable,
}
}
const (
// ValidationExceptionReasonUnknownOperation is a ValidationExceptionReason enum value
ValidationExceptionReasonUnknownOperation = "unknownOperation"
// ValidationExceptionReasonCannotParse is a ValidationExceptionReason enum value
ValidationExceptionReasonCannotParse = "cannotParse"
// ValidationExceptionReasonFieldValidationFailed is a ValidationExceptionReason enum value
ValidationExceptionReasonFieldValidationFailed = "fieldValidationFailed"
// ValidationExceptionReasonOther is a ValidationExceptionReason enum value
ValidationExceptionReasonOther = "other"
// ValidationExceptionReasonNotSupported is a ValidationExceptionReason enum value
ValidationExceptionReasonNotSupported = "notSupported"
)
// ValidationExceptionReason_Values returns all elements of the ValidationExceptionReason enum
func ValidationExceptionReason_Values() []string {
return []string{
ValidationExceptionReasonUnknownOperation,
ValidationExceptionReasonCannotParse,
ValidationExceptionReasonFieldValidationFailed,
ValidationExceptionReasonOther,
ValidationExceptionReasonNotSupported,
}
}