Docs
PackagesTry AWS Native preview for resources not in the classic version.
AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi
aws.accessanalyzer.Analyzer
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi
Manages an Access Analyzer Analyzer. More information can be found in the Access Analyzer User Guide.
Example Usage
Account Analyzer
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.accessanalyzer.Analyzer("example", {analyzerName: "example"});
import pulumi
import pulumi_aws as aws
example = aws.accessanalyzer.Analyzer("example", analyzer_name="example")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := accessanalyzer.NewAnalyzer(ctx, "example", &accessanalyzer.AnalyzerArgs{
AnalyzerName: pulumi.String("example"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.AccessAnalyzer.Analyzer("example", new()
{
AnalyzerName = "example",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.accessanalyzer.Analyzer;
import com.pulumi.aws.accessanalyzer.AnalyzerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Analyzer("example", AnalyzerArgs.builder()
.analyzerName("example")
.build());
}
}
resources:
example:
type: aws:accessanalyzer:Analyzer
properties:
analyzerName: example
Organization Analyzer
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.organizations.Organization("example", {awsServiceAccessPrincipals: ["access-analyzer.amazonaws.com"]});
const exampleAnalyzer = new aws.accessanalyzer.Analyzer("example", {
analyzerName: "example",
type: "ORGANIZATION",
}, {
dependsOn: [example],
});
import pulumi
import pulumi_aws as aws
example = aws.organizations.Organization("example", aws_service_access_principals=["access-analyzer.amazonaws.com"])
example_analyzer = aws.accessanalyzer.Analyzer("example",
analyzer_name="example",
type="ORGANIZATION",
opts=pulumi.ResourceOptions(depends_on=[example]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/accessanalyzer"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := organizations.NewOrganization(ctx, "example", &organizations.OrganizationArgs{
AwsServiceAccessPrincipals: pulumi.StringArray{
pulumi.String("access-analyzer.amazonaws.com"),
},
})
if err != nil {
return err
}
_, err = accessanalyzer.NewAnalyzer(ctx, "example", &accessanalyzer.AnalyzerArgs{
AnalyzerName: pulumi.String("example"),
Type: pulumi.String("ORGANIZATION"),
}, pulumi.DependsOn([]pulumi.Resource{
example,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Organizations.Organization("example", new()
{
AwsServiceAccessPrincipals = new[]
{
"access-analyzer.amazonaws.com",
},
});
var exampleAnalyzer = new Aws.AccessAnalyzer.Analyzer("example", new()
{
AnalyzerName = "example",
Type = "ORGANIZATION",
}, new CustomResourceOptions
{
DependsOn =
{
example,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.organizations.Organization;
import com.pulumi.aws.organizations.OrganizationArgs;
import com.pulumi.aws.accessanalyzer.Analyzer;
import com.pulumi.aws.accessanalyzer.AnalyzerArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Organization("example", OrganizationArgs.builder()
.awsServiceAccessPrincipals("access-analyzer.amazonaws.com")
.build());
var exampleAnalyzer = new Analyzer("exampleAnalyzer", AnalyzerArgs.builder()
.analyzerName("example")
.type("ORGANIZATION")
.build(), CustomResourceOptions.builder()
.dependsOn(example)
.build());
}
}
resources:
example:
type: aws:organizations:Organization
properties:
awsServiceAccessPrincipals:
- access-analyzer.amazonaws.com
exampleAnalyzer:
type: aws:accessanalyzer:Analyzer
name: example
properties:
analyzerName: example
type: ORGANIZATION
options:
dependson:
- ${example}
Create Analyzer Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Analyzer(name: string, args: AnalyzerArgs, opts?: CustomResourceOptions);@overload
def Analyzer(resource_name: str,
args: AnalyzerArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Analyzer(resource_name: str,
opts: Optional[ResourceOptions] = None,
analyzer_name: Optional[str] = None,
configuration: Optional[AnalyzerConfigurationArgs] = None,
tags: Optional[Mapping[str, str]] = None,
type: Optional[str] = None)func NewAnalyzer(ctx *Context, name string, args AnalyzerArgs, opts ...ResourceOption) (*Analyzer, error)public Analyzer(string name, AnalyzerArgs args, CustomResourceOptions? opts = null)
public Analyzer(String name, AnalyzerArgs args)
public Analyzer(String name, AnalyzerArgs args, CustomResourceOptions options)
type: aws:accessanalyzer:Analyzer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AnalyzerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var analyzerResource = new Aws.AccessAnalyzer.Analyzer("analyzerResource", new()
{
AnalyzerName = "string",
Configuration = new Aws.AccessAnalyzer.Inputs.AnalyzerConfigurationArgs
{
UnusedAccess = new Aws.AccessAnalyzer.Inputs.AnalyzerConfigurationUnusedAccessArgs
{
UnusedAccessAge = 0,
},
},
Tags =
{
{ "string", "string" },
},
Type = "string",
});
example, err := accessanalyzer.NewAnalyzer(ctx, "analyzerResource", &accessanalyzer.AnalyzerArgs{
AnalyzerName: pulumi.String("string"),
Configuration: &accessanalyzer.AnalyzerConfigurationArgs{
UnusedAccess: &accessanalyzer.AnalyzerConfigurationUnusedAccessArgs{
UnusedAccessAge: pulumi.Int(0),
},
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Type: pulumi.String("string"),
})
var analyzerResource = new Analyzer("analyzerResource", AnalyzerArgs.builder()
.analyzerName("string")
.configuration(AnalyzerConfigurationArgs.builder()
.unusedAccess(AnalyzerConfigurationUnusedAccessArgs.builder()
.unusedAccessAge(0)
.build())
.build())
.tags(Map.of("string", "string"))
.type("string")
.build());
analyzer_resource = aws.accessanalyzer.Analyzer("analyzerResource",
analyzer_name="string",
configuration=aws.accessanalyzer.AnalyzerConfigurationArgs(
unused_access=aws.accessanalyzer.AnalyzerConfigurationUnusedAccessArgs(
unused_access_age=0,
),
),
tags={
"string": "string",
},
type="string")
const analyzerResource = new aws.accessanalyzer.Analyzer("analyzerResource", {
analyzerName: "string",
configuration: {
unusedAccess: {
unusedAccessAge: 0,
},
},
tags: {
string: "string",
},
type: "string",
});
type: aws:accessanalyzer:Analyzer
properties:
analyzerName: string
configuration:
unusedAccess:
unusedAccessAge: 0
tags:
string: string
type: string
Analyzer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Analyzer resource accepts the following input properties:
- Analyzer
Name string Name of the Analyzer.
The following arguments are optional:
- Configuration
Analyzer
Configuration - A block that specifies the configuration of the analyzer. Documented below
- Dictionary<string, string>
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Type string
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- Analyzer
Name string Name of the Analyzer.
The following arguments are optional:
- Configuration
Analyzer
Configuration Args - A block that specifies the configuration of the analyzer. Documented below
- map[string]string
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Type string
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer
Name String Name of the Analyzer.
The following arguments are optional:
- configuration
Analyzer
Configuration - A block that specifies the configuration of the analyzer. Documented below
- Map<String,String>
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - type String
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer
Name string Name of the Analyzer.
The following arguments are optional:
- configuration
Analyzer
Configuration - A block that specifies the configuration of the analyzer. Documented below
- {[key: string]: string}
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - type string
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer_
name str Name of the Analyzer.
The following arguments are optional:
- configuration
Analyzer
Configuration Args - A block that specifies the configuration of the analyzer. Documented below
- Mapping[str, str]
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - type str
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer
Name String Name of the Analyzer.
The following arguments are optional:
- configuration Property Map
- A block that specifies the configuration of the analyzer. Documented below
- Map<String>
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - type String
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
Outputs
All input properties are implicitly available as output properties. Additionally, the Analyzer resource produces the following output properties:
Look up Existing Analyzer Resource
Get an existing Analyzer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AnalyzerState, opts?: CustomResourceOptions): Analyzer@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
analyzer_name: Optional[str] = None,
arn: Optional[str] = None,
configuration: Optional[AnalyzerConfigurationArgs] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
type: Optional[str] = None) -> Analyzerfunc GetAnalyzer(ctx *Context, name string, id IDInput, state *AnalyzerState, opts ...ResourceOption) (*Analyzer, error)public static Analyzer Get(string name, Input<string> id, AnalyzerState? state, CustomResourceOptions? opts = null)public static Analyzer get(String name, Output<String> id, AnalyzerState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Analyzer
Name string Name of the Analyzer.
The following arguments are optional:
- Arn string
- ARN of the Analyzer.
- Configuration
Analyzer
Configuration - A block that specifies the configuration of the analyzer. Documented below
- Dictionary<string, string>
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Type string
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- Analyzer
Name string Name of the Analyzer.
The following arguments are optional:
- Arn string
- ARN of the Analyzer.
- Configuration
Analyzer
Configuration Args - A block that specifies the configuration of the analyzer. Documented below
- map[string]string
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Type string
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer
Name String Name of the Analyzer.
The following arguments are optional:
- arn String
- ARN of the Analyzer.
- configuration
Analyzer
Configuration - A block that specifies the configuration of the analyzer. Documented below
- Map<String,String>
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - type String
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer
Name string Name of the Analyzer.
The following arguments are optional:
- arn string
- ARN of the Analyzer.
- configuration
Analyzer
Configuration - A block that specifies the configuration of the analyzer. Documented below
- {[key: string]: string}
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - type string
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer_
name str Name of the Analyzer.
The following arguments are optional:
- arn str
- ARN of the Analyzer.
- configuration
Analyzer
Configuration Args - A block that specifies the configuration of the analyzer. Documented below
- Mapping[str, str]
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - type str
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
- analyzer
Name String Name of the Analyzer.
The following arguments are optional:
- arn String
- ARN of the Analyzer.
- configuration Property Map
- A block that specifies the configuration of the analyzer. Documented below
- Map<String>
- Key-value map of resource tags. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - type String
- Type of Analyzer. Valid values are
ACCOUNT,ORGANIZATION,ACCOUNT_UNUSED_ACCESS,ORGANIZATION_UNUSED_ACCESS. Defaults toACCOUNT.
Supporting Types
AnalyzerConfiguration, AnalyzerConfigurationArgs
- Unused
Access AnalyzerConfiguration Unused Access - A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
- Unused
Access AnalyzerConfiguration Unused Access - A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
- unused
Access AnalyzerConfiguration Unused Access - A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
- unused
Access AnalyzerConfiguration Unused Access - A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
- unused_
access AnalyzerConfiguration Unused Access - A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
- unused
Access Property Map - A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
AnalyzerConfigurationUnusedAccess, AnalyzerConfigurationUnusedAccessArgs
- Unused
Access intAge - The specified access age in days for which to generate findings for unused access.
- Unused
Access intAge - The specified access age in days for which to generate findings for unused access.
- unused
Access IntegerAge - The specified access age in days for which to generate findings for unused access.
- unused
Access numberAge - The specified access age in days for which to generate findings for unused access.
- unused_
access_ intage - The specified access age in days for which to generate findings for unused access.
- unused
Access NumberAge - The specified access age in days for which to generate findings for unused access.
Import
Using pulumi import, import Access Analyzer Analyzers using the analyzer_name. For example:
$ pulumi import aws:accessanalyzer/analyzer:Analyzer example example
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.31.0 published on Monday, Apr 15, 2024 by Pulumi