|
1 | 1 | { |
2 | 2 | "version": "2.0", |
3 | | - "service": "<p>AWS IAM Access Analyzer API Reference</p>", |
| 3 | + "service": "<p>AWS IAM Access Analyzer helps identify potential resource-access risks by enabling you to identify any policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your AWS environment. An external principal can be another AWS account, a root user, an IAM user or role, a federated user, an AWS service, or an anonymous user. This guide describes the AWS IAM Access Analyzer operations that you can call programmatically. For general information about Access Analyzer, see the <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html\">AWS IAM Access Analyzer section of the IAM User Guide</a>.</p> <p>To start using Access Analyzer, you first need to create an analyzer.</p>", |
4 | 4 | "operations": { |
5 | | - "CreateAnalyzer": "<p>Creates an analyzer with a zone of trust set to your account.</p>", |
6 | | - "CreateArchiveRule": "<p>Creates an archive rule for the specified analyzer.</p>", |
| 5 | + "CreateAnalyzer": "<p>Creates an analyzer for your account.</p>", |
| 6 | + "CreateArchiveRule": "<p>Creates an archive rule for the specified analyzer. Archive rules automatically archive findings that meet the criteria you define when you create the rule.</p>", |
7 | 7 | "DeleteAnalyzer": "<p>Deletes the specified analyzer. When you delete an analyzer, Access Analyzer is disabled for the account in the current or specific Region. All findings that were generated by the analyzer are deleted. You cannot undo this action.</p>", |
8 | 8 | "DeleteArchiveRule": "<p>Deletes the specified archive rule.</p>", |
9 | | - "GetAnalyzedResource": "<p>Retrieves information about an analyzed resource.</p>", |
| 9 | + "GetAnalyzedResource": "<p>Retrieves information about a resource that was analyzed.</p>", |
10 | 10 | "GetAnalyzer": "<p>Retrieves information about the specified analyzer.</p>", |
11 | 11 | "GetArchiveRule": "<p>Retrieves information about an archive rule.</p>", |
12 | 12 | "GetFinding": "<p>Retrieves information about the specified finding.</p>", |
13 | | - "ListAnalyzedResources": "<p>Retrieves a list of resources that have been analyzed.</p>", |
| 13 | + "ListAnalyzedResources": "<p>Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer..</p>", |
14 | 14 | "ListAnalyzers": "<p>Retrieves a list of analyzers.</p>", |
15 | 15 | "ListArchiveRules": "<p>Retrieves a list of archive rules created for the specified analyzer.</p>", |
16 | 16 | "ListFindings": "<p>Retrieves a list of findings generated by the specified analyzer.</p>", |
17 | 17 | "ListTagsForResource": "<p>Retrieves a list of tags applied to the specified resource.</p>", |
18 | | - "StartResourceScan": "<p>Starts a scan of the policies applied to the specified resource.</p>", |
| 18 | + "StartResourceScan": "<p>Immediately starts a scan of the policies applied to the specified resource.</p>", |
19 | 19 | "TagResource": "<p>Adds a tag to the specified resource.</p>", |
20 | 20 | "UntagResource": "<p>Removes a tag from the specified resource.</p>", |
21 | | - "UpdateArchiveRule": "<p>Updates the specified archive rule.</p>", |
22 | | - "UpdateFindings": "<p>Updates findings with the new values provided in the request.</p>" |
| 21 | + "UpdateArchiveRule": "<p>Updates the criteria and values for the specified archive rule.</p>", |
| 22 | + "UpdateFindings": "<p>Updates the status for the specified findings.</p>" |
23 | 23 | }, |
24 | 24 | "shapes": { |
25 | 25 | "AccessDeniedException": { |
|
129 | 129 | } |
130 | 130 | }, |
131 | 131 | "Criterion": { |
132 | | - "base": "<p>The criteria to use in the filter that defines the rule.</p>", |
| 132 | + "base": "<p>The criteria to use in the filter that defines the archive rule.</p>", |
133 | 133 | "refs": { |
134 | 134 | "FilterCriteriaMap$value": null |
135 | 135 | } |
|
149 | 149 | "refs": { |
150 | 150 | "ArchiveRuleSummary$filter": "<p>A filter used to define the archive rule.</p>", |
151 | 151 | "CreateArchiveRuleRequest$filter": "<p>The criteria for the rule.</p>", |
152 | | - "InlineArchiveRule$filter": "<p>The criteria for the rule.</p>", |
| 152 | + "InlineArchiveRule$filter": "<p>The condition and values for a criterion.</p>", |
153 | 153 | "ListFindingsRequest$filter": "<p>A filter to match for the findings to return.</p>", |
154 | 154 | "UpdateArchiveRuleRequest$filter": "<p>A filter to match for the rules to update. Only rules that match the filter are updated.</p>" |
155 | 155 | } |
|
237 | 237 | } |
238 | 238 | }, |
239 | 239 | "GetFindingResponse": { |
240 | | - "base": "<p>The resposne to the request.</p>", |
| 240 | + "base": "<p>The response to the request.</p>", |
241 | 241 | "refs": { |
242 | 242 | } |
243 | 243 | }, |
244 | 244 | "InlineArchiveRule": { |
245 | | - "base": "<p>An inline archive rule.</p>", |
| 245 | + "base": "<p>An criterion statement in an archive rule. Each archive rule may have multiple criteria.</p>", |
246 | 246 | "refs": { |
247 | 247 | "InlineArchiveRulesList$member": null |
248 | 248 | } |
249 | 249 | }, |
250 | 250 | "InlineArchiveRulesList": { |
251 | 251 | "base": null, |
252 | 252 | "refs": { |
253 | | - "CreateAnalyzerRequest$archiveRules": "<p>Specifies the archive rules to add for the analyzer.</p>" |
| 253 | + "CreateAnalyzerRequest$archiveRules": "<p>Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.</p>" |
254 | 254 | } |
255 | 255 | }, |
256 | 256 | "Integer": { |
|
305 | 305 | } |
306 | 306 | }, |
307 | 307 | "ListFindingsResponse": { |
308 | | - "base": "<p>The resposne to the request.</p>", |
| 308 | + "base": "<p>The response to the request.</p>", |
309 | 309 | "refs": { |
310 | 310 | } |
311 | 311 | }, |
|
328 | 328 | "CreateArchiveRuleRequest$analyzerName": "<p>The name of the created analyzer.</p>", |
329 | 329 | "CreateArchiveRuleRequest$ruleName": "<p>The name of the rule to create.</p>", |
330 | 330 | "DeleteAnalyzerRequest$analyzerName": "<p>The name of the analyzer to delete.</p>", |
331 | | - "DeleteArchiveRuleRequest$analyzerName": "<p>The name of the analyzer that was deleted.</p>", |
| 331 | + "DeleteArchiveRuleRequest$analyzerName": "<p>The name of the analyzer that associated with the archive rule to delete.</p>", |
332 | 332 | "DeleteArchiveRuleRequest$ruleName": "<p>The name of the rule to delete.</p>", |
333 | 333 | "GetAnalyzerRequest$analyzerName": "<p>The name of the analyzer retrieved.</p>", |
334 | 334 | "GetArchiveRuleRequest$analyzerName": "<p>The name of the analyzer to retrieve rules from.</p>", |
|
389 | 389 | } |
390 | 390 | }, |
391 | 391 | "SortCriteria": { |
392 | | - "base": "<p>The sort criteria.</p>", |
| 392 | + "base": "<p>The criteria used to sort.</p>", |
393 | 393 | "refs": { |
394 | 394 | "ListFindingsRequest$sort": "<p>The sort order for the findings returned.</p>" |
395 | 395 | } |
|
511 | 511 | "base": null, |
512 | 512 | "refs": { |
513 | 513 | "AnalyzerSummary$type": "<p>The type of analyzer, which corresponds to the zone of trust chosen for the analyzer.</p>", |
514 | | - "CreateAnalyzerRequest$type": "<p>The zone of trust for the analyzer. You can create only one analyzer per account per Region.</p>", |
515 | | - "ListAnalyzersRequest$type": "<p>The type of analyzer, which corresponds to the zone of trust selected when the analyzer was created.</p>" |
| 514 | + "CreateAnalyzerRequest$type": "<p>The type of analyzer to create. Only ACCOUNT analyzers are supported. You can create only one analyzer per account per Region.</p>", |
| 515 | + "ListAnalyzersRequest$type": "<p>The type of analyzer.</p>" |
516 | 516 | } |
517 | 517 | }, |
518 | 518 | "UntagResourceRequest": { |
|
521 | 521 | } |
522 | 522 | }, |
523 | 523 | "UntagResourceResponse": { |
524 | | - "base": "<p>The response tot he request.</p>", |
| 524 | + "base": "<p>The response to the request.</p>", |
525 | 525 | "refs": { |
526 | 526 | } |
527 | 527 | }, |
|
0 commit comments