AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Classes

NameDescription
Class AccessCheckPolicyType

Constants used for properties of type AccessCheckPolicyType.

Class AccessPreviewStatus

Constants used for properties of type AccessPreviewStatus.

Class AccessPreviewStatusReasonCode

Constants used for properties of type AccessPreviewStatusReasonCode.

Class AclPermission

Constants used for properties of type AclPermission.

Class AmazonAccessAnalyzerClient

Implementation for accessing AccessAnalyzer

Identity and Access Management Access Analyzer helps you to set, verify, and refine your IAM policies by providing a suite of capabilities. Its features include findings for external and unused access, basic and custom policy checks for validating policies, and policy generation to generate fine-grained policies. To start using IAM Access Analyzer to identify external or unused access, you first need to create an analyzer.

External access analyzers help identify potential risks of accessing resources by enabling you to identify any resource policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An external principal can be another Amazon Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to preview public and cross-account access to your resources before deploying permissions changes.

Unused access analyzers help identify potential identity access risks by enabling you to identify unused IAM roles, unused access keys, unused console passwords, and IAM principals with unused service and action-level permissions.

Beyond findings, IAM Access Analyzer provides basic and custom policy checks to validate IAM policies before deploying permissions changes. You can use policy generation to refine permissions by attaching a policy generated using access activity logged in CloudTrail logs.

This guide describes the IAM Access Analyzer operations that you can call programmatically. For general information about IAM Access Analyzer, see Identity and Access Management Access Analyzer in the IAM User Guide.

Class AmazonAccessAnalyzerConfig

Configuration for accessing Amazon AccessAnalyzer service

Class AmazonAccessAnalyzerDefaultConfiguration

Configuration for accessing Amazon AccessAnalyzer service

Class AmazonAccessAnalyzerException

Common exception for the AccessAnalyzer service.

Class AmazonAccessAnalyzerRequest

Base class for AccessAnalyzer operation requests.

Class AnalyzerStatus

Constants used for properties of type AnalyzerStatus.

Class CheckAccessNotGrantedResult

Constants used for properties of type CheckAccessNotGrantedResult.

Class CheckNoNewAccessResult

Constants used for properties of type CheckNoNewAccessResult.

Class FindingChangeType

Constants used for properties of type FindingChangeType.

Class FindingSourceType

Constants used for properties of type FindingSourceType.

Class FindingStatus

Constants used for properties of type FindingStatus.

Class FindingStatusUpdate

Constants used for properties of type FindingStatusUpdate.

Class FindingType

Constants used for properties of type FindingType.

Class JobErrorCode

Constants used for properties of type JobErrorCode.

Class JobStatus

Constants used for properties of type JobStatus.

Class KmsGrantOperation

Constants used for properties of type KmsGrantOperation.

Class Locale

Constants used for properties of type Locale.

Class OrderBy

Constants used for properties of type OrderBy.

Class PolicyType

Constants used for properties of type PolicyType.

Class ReasonCode

Constants used for properties of type ReasonCode.

Class ResourceType

Constants used for properties of type ResourceType.

Class Type

Constants used for properties of type Type.

Class ValidatePolicyFindingType

Constants used for properties of type ValidatePolicyFindingType.

Class ValidatePolicyResourceType

Constants used for properties of type ValidatePolicyResourceType.

Class ValidationExceptionReason

Constants used for properties of type ValidationExceptionReason.

Interfaces

NameDescription
Interface IAmazonAccessAnalyzer

Interface for accessing AccessAnalyzer

Identity and Access Management Access Analyzer helps you to set, verify, and refine your IAM policies by providing a suite of capabilities. Its features include findings for external and unused access, basic and custom policy checks for validating policies, and policy generation to generate fine-grained policies. To start using IAM Access Analyzer to identify external or unused access, you first need to create an analyzer.

External access analyzers help identify potential risks of accessing resources by enabling you to identify any resource policies that grant access to an external principal. It does this by using logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An external principal can be another Amazon Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to preview public and cross-account access to your resources before deploying permissions changes.

Unused access analyzers help identify potential identity access risks by enabling you to identify unused IAM roles, unused access keys, unused console passwords, and IAM principals with unused service and action-level permissions.

Beyond findings, IAM Access Analyzer provides basic and custom policy checks to validate IAM policies before deploying permissions changes. You can use policy generation to refine permissions by attaching a policy generated using access activity logged in CloudTrail logs.

This guide describes the IAM Access Analyzer operations that you can call programmatically. For general information about IAM Access Analyzer, see Identity and Access Management Access Analyzer in the IAM User Guide.