AccessAnalyzer / Client / create_analyzer

create_analyzer#

AccessAnalyzer.Client.create_analyzer(**kwargs)#

Creates an analyzer for your account.

See also: AWS API Documentation

Request Syntax

response = client.create_analyzer(
    analyzerName='string',
    type='ACCOUNT'|'ORGANIZATION',
    archiveRules=[
        {
            'ruleName': 'string',
            'filter': {
                'string': {
                    'eq': [
                        'string',
                    ],
                    'neq': [
                        'string',
                    ],
                    'contains': [
                        'string',
                    ],
                    'exists': True|False
                }
            }
        },
    ],
    tags={
        'string': 'string'
    },
    clientToken='string'
)
Parameters:

  • analyzerName (string) –

    [REQUIRED]

    The name of the analyzer to create.

  • type (string) –

    [REQUIRED]

    The type of analyzer to create. Only ACCOUNT and ORGANIZATION analyzers are supported. You can create only one analyzer per account per Region. You can create up to 5 analyzers per organization per Region.

  • archiveRules (list) –

    Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.

    • (dict) –

      An criterion statement in an archive rule. Each archive rule may have multiple criteria.

      • ruleName (string) – [REQUIRED]

        The name of the rule.

      • filter (dict) – [REQUIRED]

        The condition and values for a criterion.

        • (string) –

          • (dict) –

            The criteria to use in the filter that defines the archive rule. For more information on available filter keys, see IAM Access Analyzer filter keys.

            • eq (list) –

              An “equals” operator to match for the filter used to create the rule.

              • (string) –

            • neq (list) –

              A “not equals” operator to match for the filter used to create the rule.

              • (string) –

            • contains (list) –

              A “contains” operator to match for the filter used to create the rule.

              • (string) –

            • exists (boolean) –

              An “exists” operator to match for the filter used to create the rule.

  • tags (dict) –

    The tags to apply to the analyzer.

    • (string) –

      • (string) –

  • clientToken (string) –

    A client token.

    This field is autopopulated if not provided.

Return type:

dict

Returns:

Response Syntax

{
    'arn': 'string'
}

Response Structure

  • (dict) –

    The response to the request to create an analyzer.

    • arn (string) –

      The ARN of the analyzer that was created by the request.

Exceptions

  • AccessAnalyzer.Client.exceptions.ConflictException

  • AccessAnalyzer.Client.exceptions.ValidationException

  • AccessAnalyzer.Client.exceptions.InternalServerException

  • AccessAnalyzer.Client.exceptions.ServiceQuotaExceededException

  • AccessAnalyzer.Client.exceptions.ThrottlingException

  • AccessAnalyzer.Client.exceptions.AccessDeniedException