Table Of Contents

  1. Docs
  2. Available services
  3. AccessAnalyzer
  4. get_analyzed_resource

get_analyzed_resource

AccessAnalyzer.Client.get_analyzed_resource(**kwargs)

Retrieves information about a resource that was analyzed.

See also: AWS API Documentation

Request Syntax

response = client.get_analyzed_resource(
    analyzerArn='string',
    resourceArn='string'
)
Parameters
  • analyzerArn (string) --

    [REQUIRED]

    The ARN of the analyzer to retrieve information from.

  • resourceArn (string) --

    [REQUIRED]

    The ARN of the resource to retrieve information about.

Return type

dict

Returns

Response Syntax

{
    'resource': {
        'resourceArn': 'string',
        'resourceType': 'AWS::S3::Bucket'|'AWS::IAM::Role'|'AWS::SQS::Queue'|'AWS::Lambda::Function'|'AWS::Lambda::LayerVersion'|'AWS::KMS::Key'|'AWS::SecretsManager::Secret'|'AWS::EFS::FileSystem'|'AWS::EC2::Snapshot'|'AWS::ECR::Repository'|'AWS::RDS::DBSnapshot'|'AWS::RDS::DBClusterSnapshot'|'AWS::SNS::Topic',
        'createdAt': datetime(2015, 1, 1),
        'analyzedAt': datetime(2015, 1, 1),
        'updatedAt': datetime(2015, 1, 1),
        'isPublic': True|False,
        'actions': [
            'string',
        ],
        'sharedVia': [
            'string',
        ],
        'status': 'ACTIVE'|'ARCHIVED'|'RESOLVED',
        'resourceOwnerAccount': 'string',
        'error': 'string'
    }
}

Response Structure

  • (dict) --

    The response to the request.

    • resource (dict) --

      An AnalyzedResource object that contains information that IAM Access Analyzer found when it analyzed the resource.

      • resourceArn (string) --

        The ARN of the resource that was analyzed.

      • resourceType (string) --

        The type of the resource that was analyzed.

      • createdAt (datetime) --

        The time at which the finding was created.

      • analyzedAt (datetime) --

        The time at which the resource was analyzed.

      • updatedAt (datetime) --

        The time at which the finding was updated.

      • isPublic (boolean) --

        Indicates whether the policy that generated the finding grants public access to the resource.

      • actions (list) --

        The actions that an external principal is granted permission to use by the policy that generated the finding.

        • (string) --

      • sharedVia (list) --

        Indicates how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.

        • (string) --

      • status (string) --

        The current status of the finding generated from the analyzed resource.

      • resourceOwnerAccount (string) --

        The Amazon Web Services account ID that owns the resource.

      • error (string) --

        An error message.

Exceptions

  • AccessAnalyzer.Client.exceptions.ResourceNotFoundException
  • AccessAnalyzer.Client.exceptions.ValidationException
  • AccessAnalyzer.Client.exceptions.InternalServerException
  • AccessAnalyzer.Client.exceptions.ThrottlingException
  • AccessAnalyzer.Client.exceptions.AccessDeniedException
get_access_preview
get_analyzer
Privacy | Site Terms | Cookie preferences | © Copyright 2023, Amazon Web Services, Inc. Created using Sphinx.