EbsSnapshotConfiguration - IAM Access Analyzer
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

EbsSnapshotConfiguration

The proposed access control configuration for an Amazon EBS volume snapshot. You can propose a configuration for a new Amazon EBS volume snapshot or an Amazon EBS volume snapshot that you own by specifying the user IDs, groups, and optional Amazon KMS encryption key. For more information, see ModifySnapshotAttribute.

Contents

groups

The groups that have access to the Amazon EBS volume snapshot. If the value all is specified, then the Amazon EBS volume snapshot is public.

  • If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the groups, then the access preview uses the existing shared groups for the snapshot.

  • If the access preview is for a new resource and you do not specify the groups, then the access preview considers the snapshot without any groups.

  • To propose deletion of existing shared groups, you can specify an empty list for groups.

Type: Array of strings

Required: No

kmsKeyId

The KMS key identifier for an encrypted Amazon EBS volume snapshot. The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.

  • If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the kmsKeyId, or you specify an empty string, then the access preview uses the existing kmsKeyId of the snapshot.

  • If the access preview is for a new resource and you do not specify the kmsKeyId, the access preview considers the snapshot as unencrypted.

Type: String

Required: No

userIds

The IDs of the Amazon Web Services accounts that have access to the Amazon EBS volume snapshot.

  • If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the userIds, then the access preview uses the existing shared userIds for the snapshot.

  • If the access preview is for a new resource and you do not specify the userIds, then the access preview considers the snapshot without any userIds.

  • To propose deletion of existing shared accountIds, you can specify an empty list for userIds.

Type: Array of strings

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: