com.amazonaws.services.accessanalyzer

Class AWSAccessAnalyzerClient

java.lang.Object

com.amazonaws.AmazonWebServiceClient

com.amazonaws.services.accessanalyzer.AWSAccessAnalyzerClient

All Implemented Interfaces:

AWSAccessAnalyzer

Direct Known Subclasses:

AWSAccessAnalyzerAsyncClient

@ThreadSafe
 @Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public class AWSAccessAnalyzerClient
extends AmazonWebServiceClient
implements AWSAccessAnalyzer

Client for accessing Access Analyzer. All service calls made using this client are blocking, and will not return until the service call completes.

AWS IAM Access Analyzer helps identify potential resource-access risks by enabling you to identify any policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your AWS environment. An external principal can be another AWS account, a root user, an IAM user or role, a federated user, an AWS service, or an anonymous user. This guide describes the AWS IAM Access Analyzer operations that you can call programmatically. For general information about Access Analyzer, see the AWS IAM Access Analyzer section of the IAM User Guide.

To start using Access Analyzer, you first need to create an analyzer.

Field Summary

Fields inherited from class com.amazonaws.AmazonWebServiceClient

LOGGING_AWS_REQUEST_METRIC

Fields inherited from interface com.amazonaws.services.accessanalyzer.AWSAccessAnalyzer

ENDPOINT_PREFIX

Method Summary

Modifier and Type	Method and Description
static AWSAccessAnalyzerClientBuilder	builder()
CreateAnalyzerResult	createAnalyzer(CreateAnalyzerRequest request) Creates an analyzer for your account.
CreateArchiveRuleResult	createArchiveRule(CreateArchiveRuleRequest request) Creates an archive rule for the specified analyzer.
DeleteAnalyzerResult	deleteAnalyzer(DeleteAnalyzerRequest request) Deletes the specified analyzer.
DeleteArchiveRuleResult	deleteArchiveRule(DeleteArchiveRuleRequest request) Deletes the specified archive rule.
GetAnalyzedResourceResult	getAnalyzedResource(GetAnalyzedResourceRequest request) Retrieves information about a resource that was analyzed.
GetAnalyzerResult	getAnalyzer(GetAnalyzerRequest request) Retrieves information about the specified analyzer.
GetArchiveRuleResult	getArchiveRule(GetArchiveRuleRequest request) Retrieves information about an archive rule.
ResponseMetadata	getCachedResponseMetadata(AmazonWebServiceRequest request) Returns additional metadata for a previously executed successful, request, typically used for debugging issues where a service isn't acting as expected.
GetFindingResult	getFinding(GetFindingRequest request) Retrieves information about the specified finding.
ListAnalyzedResourcesResult	listAnalyzedResources(ListAnalyzedResourcesRequest request) Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer..
ListAnalyzersResult	listAnalyzers(ListAnalyzersRequest request) Retrieves a list of analyzers.
ListArchiveRulesResult	listArchiveRules(ListArchiveRulesRequest request) Retrieves a list of archive rules created for the specified analyzer.
ListFindingsResult	listFindings(ListFindingsRequest request) Retrieves a list of findings generated by the specified analyzer.
ListTagsForResourceResult	listTagsForResource(ListTagsForResourceRequest request) Retrieves a list of tags applied to the specified resource.
StartResourceScanResult	startResourceScan(StartResourceScanRequest request) Immediately starts a scan of the policies applied to the specified resource.
TagResourceResult	tagResource(TagResourceRequest request) Adds a tag to the specified resource.
UntagResourceResult	untagResource(UntagResourceRequest request) Removes a tag from the specified resource.
UpdateArchiveRuleResult	updateArchiveRule(UpdateArchiveRuleRequest request) Updates the criteria and values for the specified archive rule.
UpdateFindingsResult	updateFindings(UpdateFindingsRequest request) Updates the status for the specified findings.

Methods inherited from class com.amazonaws.AmazonWebServiceClient

addRequestHandler, addRequestHandler, configureRegion, getClientConfiguration, getEndpointPrefix, getMonitoringListeners, getRequestMetricsCollector, getServiceName, getSignerByURI, getSignerOverride, getSignerRegionOverride, getTimeOffset, makeImmutable, removeRequestHandler, removeRequestHandler, setEndpoint, setEndpoint, setRegion, setServiceNameIntern, setSignerRegionOverride, setTimeOffset, shutdown, withEndpoint, withRegion, withRegion, withTimeOffset

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.amazonaws.services.accessanalyzer.AWSAccessAnalyzer

shutdown

Method Detail

builder

public static AWSAccessAnalyzerClientBuilder builder()

createAnalyzer

public CreateAnalyzerResult createAnalyzer(CreateAnalyzerRequest request)

Creates an analyzer for your account.

Specified by:

createAnalyzer in interface AWSAccessAnalyzer

Parameters:

createAnalyzerRequest - Creates an analyzer.

Returns:

Result of the CreateAnalyzer operation returned by the service.

Throws:

ConflictException - A conflict exception error.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ServiceQuotaExceededException - Service quote met error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

createArchiveRule

public CreateArchiveRuleResult createArchiveRule(CreateArchiveRuleRequest request)

Creates an archive rule for the specified analyzer. Archive rules automatically archive findings that meet the criteria you define when you create the rule.

Specified by:

createArchiveRule in interface AWSAccessAnalyzer

Parameters:

createArchiveRuleRequest - Creates an archive rule.

Returns:

Result of the CreateArchiveRule operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ConflictException - A conflict exception error.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ServiceQuotaExceededException - Service quote met error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

deleteAnalyzer

public DeleteAnalyzerResult deleteAnalyzer(DeleteAnalyzerRequest request)

Deletes the specified analyzer. When you delete an analyzer, Access Analyzer is disabled for the account in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.

Specified by:

deleteAnalyzer in interface AWSAccessAnalyzer

Parameters:

deleteAnalyzerRequest - Deletes an analyzer.

Returns:

Result of the DeleteAnalyzer operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

deleteArchiveRule

public DeleteArchiveRuleResult deleteArchiveRule(DeleteArchiveRuleRequest request)

Deletes the specified archive rule.

Specified by:

deleteArchiveRule in interface AWSAccessAnalyzer

Parameters:

deleteArchiveRuleRequest - Deletes an archive rule.

Returns:

Result of the DeleteArchiveRule operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

getAnalyzedResource

public GetAnalyzedResourceResult getAnalyzedResource(GetAnalyzedResourceRequest request)

Retrieves information about a resource that was analyzed.

Specified by:

getAnalyzedResource in interface AWSAccessAnalyzer

Parameters:

getAnalyzedResourceRequest - Retrieves an analyzed resource.

Returns:

Result of the GetAnalyzedResource operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

getAnalyzer

public GetAnalyzerResult getAnalyzer(GetAnalyzerRequest request)

Retrieves information about the specified analyzer.

Specified by:

getAnalyzer in interface AWSAccessAnalyzer

Parameters:

getAnalyzerRequest - Retrieves an analyzer.

Returns:

Result of the GetAnalyzer operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

getArchiveRule

public GetArchiveRuleResult getArchiveRule(GetArchiveRuleRequest request)

Retrieves information about an archive rule.

Specified by:

getArchiveRule in interface AWSAccessAnalyzer

Parameters:

getArchiveRuleRequest - Retrieves an archive rule.

Returns:

Result of the GetArchiveRule operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

getFinding

public GetFindingResult getFinding(GetFindingRequest request)

Retrieves information about the specified finding.

Specified by:

getFinding in interface AWSAccessAnalyzer

Parameters:

getFindingRequest - Retrieves a finding.

Returns:

Result of the GetFinding operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listAnalyzedResources

public ListAnalyzedResourcesResult listAnalyzedResources(ListAnalyzedResourcesRequest request)

Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer..

Specified by:

listAnalyzedResources in interface AWSAccessAnalyzer

Parameters:

listAnalyzedResourcesRequest - Retrieves a list of resources that have been analyzed.

Returns:

Result of the ListAnalyzedResources operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listAnalyzers

public ListAnalyzersResult listAnalyzers(ListAnalyzersRequest request)

Retrieves a list of analyzers.

Specified by:

listAnalyzers in interface AWSAccessAnalyzer

Parameters:

listAnalyzersRequest - Retrieves a list of analyzers.

Returns:

Result of the ListAnalyzers operation returned by the service.

Throws:

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listArchiveRules

public ListArchiveRulesResult listArchiveRules(ListArchiveRulesRequest request)

Retrieves a list of archive rules created for the specified analyzer.

Specified by:

listArchiveRules in interface AWSAccessAnalyzer

Parameters:

listArchiveRulesRequest - Retrieves a list of archive rules created for the specified analyzer.

Returns:

Result of the ListArchiveRules operation returned by the service.

Throws:

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listFindings

public ListFindingsResult listFindings(ListFindingsRequest request)

Retrieves a list of findings generated by the specified analyzer.

Specified by:

listFindings in interface AWSAccessAnalyzer

Parameters:

listFindingsRequest - Retrieves a list of findings generated by the specified analyzer.

Returns:

Result of the ListFindings operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

listTagsForResource

public ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest request)

Retrieves a list of tags applied to the specified resource.

Specified by:

listTagsForResource in interface AWSAccessAnalyzer

Parameters:

listTagsForResourceRequest - Retrieves a list of tags applied to the specified resource.

Returns:

Result of the ListTagsForResource operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

startResourceScan

public StartResourceScanResult startResourceScan(StartResourceScanRequest request)

Immediately starts a scan of the policies applied to the specified resource.

Specified by:

startResourceScan in interface AWSAccessAnalyzer

Parameters:

startResourceScanRequest - Starts a scan of the policies applied to the specified resource.

Returns:

Result of the StartResourceScan operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

tagResource

public TagResourceResult tagResource(TagResourceRequest request)

Adds a tag to the specified resource.

Specified by:

tagResource in interface AWSAccessAnalyzer

Parameters:

tagResourceRequest - Adds a tag to the specified resource.

Returns:

Result of the TagResource operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

untagResource

public UntagResourceResult untagResource(UntagResourceRequest request)

Removes a tag from the specified resource.

Specified by:

untagResource in interface AWSAccessAnalyzer

Parameters:

untagResourceRequest - Removes a tag from the specified resource.

Returns:

Result of the UntagResource operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

updateArchiveRule

public UpdateArchiveRuleResult updateArchiveRule(UpdateArchiveRuleRequest request)

Updates the criteria and values for the specified archive rule.

Specified by:

updateArchiveRule in interface AWSAccessAnalyzer

Parameters:

updateArchiveRuleRequest - Updates the specified archive rule.

Returns:

Result of the UpdateArchiveRule operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

updateFindings

public UpdateFindingsResult updateFindings(UpdateFindingsRequest request)

Updates the status for the specified findings.

Specified by:

updateFindings in interface AWSAccessAnalyzer

Parameters:

updateFindingsRequest - Updates findings with the new values provided in the request.

Returns:

Result of the UpdateFindings operation returned by the service.

Throws:

ResourceNotFoundException - The specified resource could not be found.

ValidationException - Validation exception error.

InternalServerException - Internal server error.

ThrottlingException - Throttling limit exceeded error.

AccessDeniedException - You do not have sufficient access to perform this action.

See Also:

AWS API Documentation

getCachedResponseMetadata

public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request)

Returns additional metadata for a previously executed successful, request, typically used for debugging issues where a service isn't acting as expected. This data isn't considered part of the result data returned by an operation, so it's available through this separate, diagnostic interface.

Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic information for an executed request, you should use this method to retrieve it as soon as possible after executing the request.

Specified by:

getCachedResponseMetadata in interface AWSAccessAnalyzer

Parameters:

request - The originally executed request

Returns:

The response metadata for the specified request, or null if none is available.