Skip to content

Create Analyzer

accessanalyzer_create_analyzer R Documentation

Creates an analyzer for your account

Description

Creates an analyzer for your account.

Usage

accessanalyzer_create_analyzer(analyzerName, type, archiveRules, tags,
  clientToken, configuration)

Arguments

analyzerName

[required] The name of the analyzer to create.
type

[required] The type of analyzer to create. You can create only one analyzer per account per Region. You can create up to 5 analyzers per organization per Region.
archiveRules

Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
tags

An array of key-value pairs to apply to the analyzer. You can use the set of Unicode letters, digits, whitespace, ⁠_⁠, ., /, =, +, and -.

For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with ⁠aws:⁠.

For the tag value, you can specify a value that is 0 to 256 characters in length.
clientToken

A client token.
configuration

Specifies the configuration of the analyzer. If the analyzer is an unused access analyzer, the specified scope of unused access is used for the configuration. If the analyzer is an internal access analyzer, the specified internal access analysis rules are used for the configuration.

Value

A list with the following syntax:

list(
  arn = "string"
)

Request syntax

svc$create_analyzer(
  analyzerName = "string",
  type = "ACCOUNT"|"ORGANIZATION"|"ACCOUNT_UNUSED_ACCESS"|"ORGANIZATION_UNUSED_ACCESS"|"ACCOUNT_INTERNAL_ACCESS"|"ORGANIZATION_INTERNAL_ACCESS",
  archiveRules = list(
    list(
      ruleName = "string",
      filter = list(
        list(
          eq = list(
            "string"
          ),
          neq = list(
            "string"
          ),
          contains = list(
            "string"
          ),
          exists = TRUE|FALSE
        )
      )
    )
  ),
  tags = list(
    "string"
  ),
  clientToken = "string",
  configuration = list(
    unusedAccess = list(
      unusedAccessAge = 123,
      analysisRule = list(
        exclusions = list(
          list(
            accountIds = list(
              "string"
            ),
            resourceTags = list(
              list(
                "string"
              )
            )
          )
        )
      )
    ),
    internalAccess = list(
      analysisRule = list(
        inclusions = list(
          list(
            accountIds = list(
              "string"
            ),
            resourceTypes = list(
              "AWS::S3::Bucket"|"AWS::IAM::Role"|"AWS::SQS::Queue"|"AWS::Lambda::Function"|"AWS::Lambda::LayerVersion"|"AWS::KMS::Key"|"AWS::SecretsManager::Secret"|"AWS::EFS::FileSystem"|"AWS::EC2::Snapshot"|"AWS::ECR::Repository"|"AWS::RDS::DBSnapshot"|"AWS::RDS::DBClusterSnapshot"|"AWS::SNS::Topic"|"AWS::S3Express::DirectoryBucket"|"AWS::DynamoDB::Table"|"AWS::DynamoDB::Stream"|"AWS::IAM::User"
            ),
            resourceArns = list(
              "string"
            )
          )
        )
      )
    )
  )
)