Docs
PackagesAWS Native is in preview. AWS Classic is fully supported.
aws-native.accessanalyzer.Analyzer
Explore with Pulumi AI
AWS Native is in preview. AWS Classic is fully supported.
The AWS::AccessAnalyzer::Analyzer type specifies an analyzer of the user’s account
Example Usage
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var analyzer = new AwsNative.AccessAnalyzer.Analyzer("analyzer", new()
{
AnalyzerName = "DevAccountAnalyzer",
ArchiveRules = new[]
{
new AwsNative.AccessAnalyzer.Inputs.AnalyzerArchiveRuleArgs
{
Filter = new[]
{
new AwsNative.AccessAnalyzer.Inputs.AnalyzerFilterArgs
{
Eq = new[]
{
"123456789012",
},
Property = "principal.AWS",
},
},
RuleName = "ArchiveTrustedAccountAccess",
},
new AwsNative.AccessAnalyzer.Inputs.AnalyzerArchiveRuleArgs
{
Filter = new[]
{
new AwsNative.AccessAnalyzer.Inputs.AnalyzerFilterArgs
{
Contains = new[]
{
"arn:aws:s3:::docs-bucket",
"arn:aws:s3:::clients-bucket",
},
Property = "resource",
},
},
RuleName = "ArchivePublicS3BucketsAccess",
},
},
Tags = new[]
{
new AwsNative.AccessAnalyzer.Inputs.AnalyzerTagArgs
{
Key = "Kind",
Value = "Dev",
},
},
Type = "ACCOUNT",
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/accessanalyzer"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := accessanalyzer.NewAnalyzer(ctx, "analyzer", &accessanalyzer.AnalyzerArgs{
AnalyzerName: pulumi.String("DevAccountAnalyzer"),
ArchiveRules: []accessanalyzer.AnalyzerArchiveRuleArgs{
{
Filter: []accessanalyzer.AnalyzerFilterArgs{
{
Eq: pulumi.StringArray{
pulumi.String("123456789012"),
},
Property: pulumi.String("principal.AWS"),
},
},
RuleName: pulumi.String("ArchiveTrustedAccountAccess"),
},
{
Filter: []accessanalyzer.AnalyzerFilterArgs{
{
Contains: pulumi.StringArray{
pulumi.String("arn:aws:s3:::docs-bucket"),
pulumi.String("arn:aws:s3:::clients-bucket"),
},
Property: pulumi.String("resource"),
},
},
RuleName: pulumi.String("ArchivePublicS3BucketsAccess"),
},
},
Tags: []accessanalyzer.AnalyzerTagArgs{
{
Key: pulumi.String("Kind"),
Value: pulumi.String("Dev"),
},
},
Type: pulumi.String("ACCOUNT"),
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
analyzer = aws_native.accessanalyzer.Analyzer("analyzer",
analyzer_name="DevAccountAnalyzer",
archive_rules=[
aws_native.accessanalyzer.AnalyzerArchiveRuleArgs(
filter=[aws_native.accessanalyzer.AnalyzerFilterArgs(
eq=["123456789012"],
property="principal.AWS",
)],
rule_name="ArchiveTrustedAccountAccess",
),
aws_native.accessanalyzer.AnalyzerArchiveRuleArgs(
filter=[aws_native.accessanalyzer.AnalyzerFilterArgs(
contains=[
"arn:aws:s3:::docs-bucket",
"arn:aws:s3:::clients-bucket",
],
property="resource",
)],
rule_name="ArchivePublicS3BucketsAccess",
),
],
tags=[aws_native.accessanalyzer.AnalyzerTagArgs(
key="Kind",
value="Dev",
)],
type="ACCOUNT")
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const analyzer = new aws_native.accessanalyzer.Analyzer("analyzer", {
analyzerName: "DevAccountAnalyzer",
archiveRules: [
{
filter: [{
eq: ["123456789012"],
property: "principal.AWS",
}],
ruleName: "ArchiveTrustedAccountAccess",
},
{
filter: [{
contains: [
"arn:aws:s3:::docs-bucket",
"arn:aws:s3:::clients-bucket",
],
property: "resource",
}],
ruleName: "ArchivePublicS3BucketsAccess",
},
],
tags: [{
key: "Kind",
value: "Dev",
}],
type: "ACCOUNT",
});
Coming soon!
Create Analyzer Resource
new Analyzer(name: string, args: AnalyzerArgs, opts?: CustomResourceOptions);@overload
def Analyzer(resource_name: str,
opts: Optional[ResourceOptions] = None,
analyzer_name: Optional[str] = None,
archive_rules: Optional[Sequence[AnalyzerArchiveRuleArgs]] = None,
tags: Optional[Sequence[AnalyzerTagArgs]] = None,
type: Optional[str] = None)
@overload
def Analyzer(resource_name: str,
args: AnalyzerArgs,
opts: Optional[ResourceOptions] = None)func NewAnalyzer(ctx *Context, name string, args AnalyzerArgs, opts ...ResourceOption) (*Analyzer, error)public Analyzer(string name, AnalyzerArgs args, CustomResourceOptions? opts = null)
public Analyzer(String name, AnalyzerArgs args)
public Analyzer(String name, AnalyzerArgs args, CustomResourceOptions options)
type: aws-native:accessanalyzer:Analyzer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Analyzer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Analyzer resource accepts the following input properties:
- Type string
The type of the analyzer, must be ACCOUNT or ORGANIZATION
- Analyzer
Name string Analyzer name
- Archive
Rules List<Pulumi.Aws Native. Access Analyzer. Inputs. Analyzer Archive Rule> -
List<Pulumi.
Aws Native. Access Analyzer. Inputs. Analyzer Tag> An array of key-value pairs to apply to this resource.
- Type string
The type of the analyzer, must be ACCOUNT or ORGANIZATION
- Analyzer
Name string Analyzer name
- Archive
Rules []AnalyzerArchive Rule Args -
[]Analyzer
Tag Args An array of key-value pairs to apply to this resource.
- type String
The type of the analyzer, must be ACCOUNT or ORGANIZATION
- analyzer
Name String Analyzer name
- archive
Rules List<AnalyzerArchive Rule> -
List<Analyzer
Tag> An array of key-value pairs to apply to this resource.
- type string
The type of the analyzer, must be ACCOUNT or ORGANIZATION
- analyzer
Name string Analyzer name
- archive
Rules AnalyzerArchive Rule[] -
Analyzer
Tag[] An array of key-value pairs to apply to this resource.
- type str
The type of the analyzer, must be ACCOUNT or ORGANIZATION
- analyzer_
name str Analyzer name
- archive_
rules Sequence[AnalyzerArchive Rule Args] -
Sequence[Analyzer
Tag Args] An array of key-value pairs to apply to this resource.
- type String
The type of the analyzer, must be ACCOUNT or ORGANIZATION
- analyzer
Name String Analyzer name
- archive
Rules List<Property Map> - List<Property Map>
An array of key-value pairs to apply to this resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the Analyzer resource produces the following output properties:
Supporting Types
AnalyzerArchiveRule, AnalyzerArchiveRuleArgs
- Filter
List<Pulumi.
Aws Native. Access Analyzer. Inputs. Analyzer Filter> - Rule
Name string The archive rule name
- Filter
[]Analyzer
Filter - Rule
Name string The archive rule name
- filter
List<Analyzer
Filter> - rule
Name String The archive rule name
- filter
Analyzer
Filter[] - rule
Name string The archive rule name
- filter
Sequence[Analyzer
Filter] - rule_
name str The archive rule name
- filter List<Property Map>
- rule
Name String The archive rule name
AnalyzerFilter, AnalyzerFilterArgs
AnalyzerTag, AnalyzerTagArgs
- Key string
The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Key string
The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- Value string
The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key string
The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value string
The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key str
The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value str
The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- key String
The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
- value String
The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
AWS Native is in preview. AWS Classic is fully supported.