Class: AWSCDK::AccessAnalyzer::CfnAnalyzer::InternalAccessAnalysisRuleCriteriaProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
access_analyzer/cfn_analyzer.rb

Overview

The criteria for an analysis rule for an internal access analyzer.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(account_ids: nil, resource_arns: nil, resource_types: nil) ⇒ InternalAccessAnalysisRuleCriteriaProperty

Returns a new instance of InternalAccessAnalysisRuleCriteriaProperty.

Parameters:

  • account_ids (Array<String>, nil) (defaults to: nil)

    A list of AWS account IDs to apply to the internal access analysis rule criteria.

  • resource_arns (Array<String>, nil) (defaults to: nil)

    A list of resource ARNs to apply to the internal access analysis rule criteria.

  • resource_types (Array<String>, nil) (defaults to: nil)

    A list of resource types to apply to the internal access analysis rule criteria.



829
830
831
832
833
834
835
836
# File 'access_analyzer/cfn_analyzer.rb', line 829

def initialize(account_ids: nil, resource_arns: nil, resource_types: nil)
  @account_ids = 
  Jsii::Type.check_type(@account_ids, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "accountIds") unless @account_ids.nil?
  @resource_arns = resource_arns
  Jsii::Type.check_type(@resource_arns, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "resourceArns") unless @resource_arns.nil?
  @resource_types = resource_types
  Jsii::Type.check_type(@resource_types, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "resourceTypes") unless @resource_types.nil?
end

Instance Attribute Details

#account_idsArray<String>? (readonly)

A list of AWS account IDs to apply to the internal access analysis rule criteria.

Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.



844
845
846
# File 'access_analyzer/cfn_analyzer.rb', line 844

def 
  @account_ids
end

#resource_arnsArray<String>? (readonly)

A list of resource ARNs to apply to the internal access analysis rule criteria.

The analyzer will only generate findings for resources that match these ARNs.



851
852
853
# File 'access_analyzer/cfn_analyzer.rb', line 851

def resource_arns
  @resource_arns
end

#resource_typesArray<String>? (readonly)

A list of resource types to apply to the internal access analysis rule criteria.

The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:

  • AWS::S3::Bucket
  • AWS::RDS::DBSnapshot
  • AWS::RDS::DBClusterSnapshot
  • AWS::S3Express::DirectoryBucket
  • AWS::DynamoDB::Table
  • AWS::DynamoDB::Stream


865
866
867
# File 'access_analyzer/cfn_analyzer.rb', line 865

def resource_types
  @resource_types
end

Class Method Details

.jsii_propertiesObject



867
868
869
870
871
872
873
# File 'access_analyzer/cfn_analyzer.rb', line 867

def self.jsii_properties
  {
    :account_ids => "accountIds",
    :resource_arns => "resourceArns",
    :resource_types => "resourceTypes",
  }
end

Instance Method Details

#to_jsiiObject



875
876
877
878
879
880
881
882
883
# File 'access_analyzer/cfn_analyzer.rb', line 875

def to_jsii
  result = {}
  result.merge!({
    "accountIds" => @account_ids,
    "resourceArns" => @resource_arns,
    "resourceTypes" => @resource_types,
  })
  result.compact
end