
/*
* Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.accessanalyzer;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.accessanalyzer.model.*;
/**
* Interface for accessing Access Analyzer.
*
* Note: Do not implement this interface directly; new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.accessanalyzer.AbstractAWSAccessAnalyzer} instead.
*
*
*
* Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to
* identify any policies that grant access to an external principal. It does this by using logic-based reasoning to
* analyze resource-based policies in your Amazon Web Services environment. An external principal can be another Amazon
* Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an
* anonymous user. You can also use IAM Access Analyzer to preview and validate public and cross-account access to your
* resources before deploying permissions changes. This guide describes the Identity and Access Management Access
* Analyzer operations that you can call programmatically. For general information about IAM Access Analyzer, see Identity and Access Management
* Access Analyzer in the IAM User Guide.
*
*
* To start using IAM Access Analyzer, you first need to create an analyzer.
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AWSAccessAnalyzer {
/*
* Reading guide: every service operation below takes one request object and returns one result object. None of the
* operations declares a checked exception, so the compiler does not force callers to handle the service errors
* listed under each operation's @throws tags; callers that care about them have to catch them deliberately.
*
* Several operations change what the analyzer reports rather than what it analyzes: the archive-rule operations,
* updateFindings and deleteAnalyzer. Their Javadoc carries a short security note.
*/
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service. As an interface field it is implicitly {@code public static final}.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "access-analyzer";
/**
* Retroactively applies the archive rule to existing findings that meet the archive rule criteria.
*
* Security note: the rule archives every existing finding that matches, so confirm that its criteria are no broader
* than intended before applying it.
*
* @param applyArchiveRuleRequest
* Retroactively applies an archive rule.
* @return Result of the ApplyArchiveRule operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ApplyArchiveRule
* @see "AWS API Documentation"
*/
ApplyArchiveRuleResult applyArchiveRule(ApplyArchiveRuleRequest applyArchiveRuleRequest);
/**
* Cancels the requested policy generation.
*
* @param cancelPolicyGenerationRequest
* Request object for the CancelPolicyGeneration operation.
* @return Result of the CancelPolicyGeneration operation returned by the service.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.CancelPolicyGeneration
* @see "AWS API Documentation"
*/
CancelPolicyGenerationResult cancelPolicyGeneration(CancelPolicyGenerationRequest cancelPolicyGenerationRequest);
/**
* Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before
* deploying resource permissions.
*
* @param createAccessPreviewRequest
* Request object for the CreateAccessPreview operation.
* @return Result of the CreateAccessPreview operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ConflictException
* A conflict exception error.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ServiceQuotaExceededException
* Service quota met error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.CreateAccessPreview
* @see "AWS API Documentation"
*/
CreateAccessPreviewResult createAccessPreview(CreateAccessPreviewRequest createAccessPreviewRequest);
/**
* Creates an analyzer for your account.
*
* @param createAnalyzerRequest
* Creates an analyzer.
* @return Result of the CreateAnalyzer operation returned by the service.
* @throws ConflictException
* A conflict exception error.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ServiceQuotaExceededException
* Service quota met error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.CreateAnalyzer
* @see "AWS API Documentation"
*/
CreateAnalyzerResult createAnalyzer(CreateAnalyzerRequest createAnalyzerRequest);
/**
* Creates an archive rule for the specified analyzer. Archive rules automatically archive new findings that meet
* the criteria you define when you create the rule.
*
* To learn about filter keys that you can use to create an archive rule, see IAM Access
* Analyzer filter keys in the IAM User Guide.
*
* Security note: matching findings are archived automatically, so keep the criteria as narrow as the use case
* allows and treat the creation of a rule as a change worth reviewing and auditing.
*
* @param createArchiveRuleRequest
* Creates an archive rule.
* @return Result of the CreateArchiveRule operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ConflictException
* A conflict exception error.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ServiceQuotaExceededException
* Service quota met error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.CreateArchiveRule
* @see "AWS API Documentation"
*/
CreateArchiveRuleResult createArchiveRule(CreateArchiveRuleRequest createArchiveRuleRequest);
/**
* Deletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled for the account or
* organization in the current or specific Region. All findings that were generated by the analyzer are deleted. You
* cannot undo this action.
*
* Security note: this call removes both the analyzer and the findings it produced and cannot be undone, so
* restrict who is allowed to invoke it and alert on its use.
*
* @param deleteAnalyzerRequest
* Deletes an analyzer.
* @return Result of the DeleteAnalyzer operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.DeleteAnalyzer
* @see "AWS API Documentation"
*/
DeleteAnalyzerResult deleteAnalyzer(DeleteAnalyzerRequest deleteAnalyzerRequest);
/**
* Deletes the specified archive rule.
*
* @param deleteArchiveRuleRequest
* Deletes an archive rule.
* @return Result of the DeleteArchiveRule operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.DeleteArchiveRule
* @see "AWS API Documentation"
*/
DeleteArchiveRuleResult deleteArchiveRule(DeleteArchiveRuleRequest deleteArchiveRuleRequest);
/**
* Retrieves information about an access preview for the specified analyzer.
*
* @param getAccessPreviewRequest
* Request object for the GetAccessPreview operation.
* @return Result of the GetAccessPreview operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.GetAccessPreview
* @see "AWS API Documentation"
*/
GetAccessPreviewResult getAccessPreview(GetAccessPreviewRequest getAccessPreviewRequest);
/**
* Retrieves information about a resource that was analyzed.
*
* @param getAnalyzedResourceRequest
* Retrieves an analyzed resource.
* @return Result of the GetAnalyzedResource operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.GetAnalyzedResource
* @see "AWS API Documentation"
*/
GetAnalyzedResourceResult getAnalyzedResource(GetAnalyzedResourceRequest getAnalyzedResourceRequest);
/**
* Retrieves information about the specified analyzer.
*
* @param getAnalyzerRequest
* Retrieves an analyzer.
* @return Result of the GetAnalyzer operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.GetAnalyzer
* @see "AWS API Documentation"
*/
GetAnalyzerResult getAnalyzer(GetAnalyzerRequest getAnalyzerRequest);
/**
* Retrieves information about an archive rule.
*
* To learn about filter keys that you can use to create an archive rule, see IAM Access
* Analyzer filter keys in the IAM User Guide.
*
* @param getArchiveRuleRequest
* Retrieves an archive rule.
* @return Result of the GetArchiveRule operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.GetArchiveRule
* @see "AWS API Documentation"
*/
GetArchiveRuleResult getArchiveRule(GetArchiveRuleRequest getArchiveRuleRequest);
/**
* Retrieves information about the specified finding.
*
* @param getFindingRequest
* Retrieves a finding.
* @return Result of the GetFinding operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.GetFinding
* @see "AWS API Documentation"
*/
GetFindingResult getFinding(GetFindingRequest getFindingRequest);
/**
* Retrieves the policy that was generated using {@code StartPolicyGeneration}.
*
* @param getGeneratedPolicyRequest
* Request object for the GetGeneratedPolicy operation.
* @return Result of the GetGeneratedPolicy operation returned by the service.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.GetGeneratedPolicy
* @see "AWS API Documentation"
*/
GetGeneratedPolicyResult getGeneratedPolicy(GetGeneratedPolicyRequest getGeneratedPolicyRequest);
/**
* Retrieves a list of access preview findings generated by the specified access preview.
*
* @param listAccessPreviewFindingsRequest
* Request object for the ListAccessPreviewFindings operation.
* @return Result of the ListAccessPreviewFindings operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ConflictException
* A conflict exception error.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListAccessPreviewFindings
* @see "AWS API Documentation"
*/
ListAccessPreviewFindingsResult listAccessPreviewFindings(ListAccessPreviewFindingsRequest listAccessPreviewFindingsRequest);
/**
* Retrieves a list of access previews for the specified analyzer.
*
* @param listAccessPreviewsRequest
* Request object for the ListAccessPreviews operation.
* @return Result of the ListAccessPreviews operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListAccessPreviews
* @see "AWS API Documentation"
*/
ListAccessPreviewsResult listAccessPreviews(ListAccessPreviewsRequest listAccessPreviewsRequest);
/**
* Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer.
*
* @param listAnalyzedResourcesRequest
* Retrieves a list of resources that have been analyzed.
* @return Result of the ListAnalyzedResources operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListAnalyzedResources
* @see "AWS API Documentation"
*/
ListAnalyzedResourcesResult listAnalyzedResources(ListAnalyzedResourcesRequest listAnalyzedResourcesRequest);
/**
* Retrieves a list of analyzers.
*
* @param listAnalyzersRequest
* Retrieves a list of analyzers.
* @return Result of the ListAnalyzers operation returned by the service.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListAnalyzers
* @see "AWS API Documentation"
*/
ListAnalyzersResult listAnalyzers(ListAnalyzersRequest listAnalyzersRequest);
/**
* Retrieves a list of archive rules created for the specified analyzer.
*
* @param listArchiveRulesRequest
* Retrieves a list of archive rules created for the specified analyzer.
* @return Result of the ListArchiveRules operation returned by the service.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListArchiveRules
* @see "AWS API Documentation"
*/
ListArchiveRulesResult listArchiveRules(ListArchiveRulesRequest listArchiveRulesRequest);
/**
* Retrieves a list of findings generated by the specified analyzer.
*
* To learn about filter keys that you can use to retrieve a list of findings, see IAM Access
* Analyzer filter keys in the IAM User Guide.
*
* @param listFindingsRequest
* Retrieves a list of findings generated by the specified analyzer.
* @return Result of the ListFindings operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListFindings
* @see "AWS API Documentation"
*/
ListFindingsResult listFindings(ListFindingsRequest listFindingsRequest);
/**
* Lists all of the policy generations requested in the last seven days.
*
* @param listPolicyGenerationsRequest
* Request object for the ListPolicyGenerations operation.
* @return Result of the ListPolicyGenerations operation returned by the service.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListPolicyGenerations
* @see "AWS API Documentation"
*/
ListPolicyGenerationsResult listPolicyGenerations(ListPolicyGenerationsRequest listPolicyGenerationsRequest);
/**
* Retrieves a list of tags applied to the specified resource.
*
* @param listTagsForResourceRequest
* Retrieves a list of tags applied to the specified resource.
* @return Result of the ListTagsForResource operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ListTagsForResource
* @see "AWS API Documentation"
*/
ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest);
/**
* Starts the policy generation request.
*
* @param startPolicyGenerationRequest
* Request object for the StartPolicyGeneration operation.
* @return Result of the StartPolicyGeneration operation returned by the service.
* @throws ConflictException
* A conflict exception error.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ServiceQuotaExceededException
* Service quota met error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.StartPolicyGeneration
* @see "AWS API Documentation"
*/
StartPolicyGenerationResult startPolicyGeneration(StartPolicyGenerationRequest startPolicyGenerationRequest);
/**
* Immediately starts a scan of the policies applied to the specified resource.
*
* @param startResourceScanRequest
* Starts a scan of the policies applied to the specified resource.
* @return Result of the StartResourceScan operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.StartResourceScan
* @see "AWS API Documentation"
*/
StartResourceScanResult startResourceScan(StartResourceScanRequest startResourceScanRequest);
/**
* Adds a tag to the specified resource.
*
* @param tagResourceRequest
* Adds a tag to the specified resource.
* @return Result of the TagResource operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.TagResource
* @see "AWS API Documentation"
*/
TagResourceResult tagResource(TagResourceRequest tagResourceRequest);
/**
* Removes a tag from the specified resource.
*
* @param untagResourceRequest
* Removes a tag from the specified resource.
* @return Result of the UntagResource operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.UntagResource
* @see "AWS API Documentation"
*/
UntagResourceResult untagResource(UntagResourceRequest untagResourceRequest);
/**
* Updates the criteria and values for the specified archive rule.
*
* Security note: the criteria of an archive rule decide which findings are archived automatically, so review a
* change to them with the same care as the creation of a new rule.
*
* @param updateArchiveRuleRequest
* Updates the specified archive rule.
* @return Result of the UpdateArchiveRule operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.UpdateArchiveRule
* @see "AWS API Documentation"
*/
UpdateArchiveRuleResult updateArchiveRule(UpdateArchiveRuleRequest updateArchiveRuleRequest);
/**
* Updates the status for the specified findings.
*
* NOTE(review): the status values a caller may set are defined by the request model, which is not visible in this
* file. Presumably a status change can move a finding out of the active set; confirm against the model and audit
* bulk status updates accordingly.
*
* @param updateFindingsRequest
* Updates findings with the new values provided in the request.
* @return Result of the UpdateFindings operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource could not be found.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.UpdateFindings
* @see "AWS API Documentation"
*/
UpdateFindingsResult updateFindings(UpdateFindingsRequest updateFindingsRequest);
/**
* Requests the validation of a policy and returns a list of findings. The findings help you identify issues and
* provide actionable recommendations to resolve the issue and enable you to author functional policies that meet
* security best practices.
*
* @param validatePolicyRequest
* Request object for the ValidatePolicy operation.
* @return Result of the ValidatePolicy operation returned by the service.
* @throws ValidationException
* Validation exception error.
* @throws InternalServerException
* Internal server error.
* @throws ThrottlingException
* Throttling limit exceeded error.
* @throws AccessDeniedException
* You do not have sufficient access to perform this action.
* @sample AWSAccessAnalyzer.ValidatePolicy
* @see "AWS API Documentation"
*/
ValidatePolicyResult validatePolicy(ValidatePolicyRequest validatePolicyRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shut down, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available; callers must check for
* null before using the result.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}