Skip to content

Create Service Linked Analyzer

accessanalyzer_create_service_linked_analyzer R Documentation

Creates a service-linked analyzer managed by an Amazon Web Services service

Description

Creates a service-linked analyzer managed by an Amazon Web Services service. This operation can only be invoked by authorized Amazon Web Services services. Direct customer invocation returns AccessDeniedException.

Service-linked analyzers enable Amazon Web Services services to create and manage analyzers on behalf of customers. The lifecycle of these analyzers is managed by the calling service.

Usage

accessanalyzer_create_service_linked_analyzer(type, archiveRules,
  clientToken, configuration)

Arguments

type

[required] The type of analyzer to create. Valid values are ACCOUNT_UNUSED_ACCESS and ORGANIZATION_UNUSED_ACCESS.
archiveRules

Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
clientToken

A client token.
configuration

Specifies the configuration of the analyzer. The specified scope of unused access is used for the configuration.

Value

A list with the following syntax:

list(
  arn = "string"
)

Request syntax

svc$create_service_linked_analyzer(
  type = "ACCOUNT"|"ORGANIZATION"|"ACCOUNT_UNUSED_ACCESS"|"ORGANIZATION_UNUSED_ACCESS"|"ACCOUNT_INTERNAL_ACCESS"|"ORGANIZATION_INTERNAL_ACCESS",
  archiveRules = list(
    list(
      ruleName = "string",
      filter = list(
        list(
          eq = list(
            "string"
          ),
          neq = list(
            "string"
          ),
          contains = list(
            "string"
          ),
          exists = TRUE|FALSE
        )
      )
    )
  ),
  clientToken = "string",
  configuration = list(
    unusedAccess = list(
      unusedAccessAge = 123,
      analysisRule = list(
        exclusions = list(
          list(
            accountIds = list(
              "string"
            ),
            resourceTags = list(
              list(
                "string"
              )
            )
          )
        )
      )
    ),
    internalAccess = list(
      analysisRule = list(
        inclusions = list(
          list(
            accountIds = list(
              "string"
            ),
            resourceTypes = list(
              "AWS::S3::Bucket"|"AWS::IAM::Role"|"AWS::SQS::Queue"|"AWS::Lambda::Function"|"AWS::Lambda::LayerVersion"|"AWS::KMS::Key"|"AWS::SecretsManager::Secret"|"AWS::EFS::FileSystem"|"AWS::EC2::Snapshot"|"AWS::ECR::Repository"|"AWS::RDS::DBSnapshot"|"AWS::RDS::DBClusterSnapshot"|"AWS::SNS::Topic"|"AWS::S3Express::DirectoryBucket"|"AWS::DynamoDB::Table"|"AWS::DynamoDB::Stream"|"AWS::IAM::User"
            ),
            resourceArns = list(
              "string"
            )
          )
        )
      )
    )
  )
)