2.203.0

interface InternalAccessAnalysisRuleCriteriaProperty

LanguageType name
.NETAmazon.CDK.AWS.AccessAnalyzer.CfnAnalyzer.InternalAccessAnalysisRuleCriteriaProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsaccessanalyzer#CfnAnalyzer_InternalAccessAnalysisRuleCriteriaProperty
Javasoftware.amazon.awscdk.services.accessanalyzer.CfnAnalyzer.InternalAccessAnalysisRuleCriteriaProperty
Pythonaws_cdk.aws_accessanalyzer.CfnAnalyzer.InternalAccessAnalysisRuleCriteriaProperty
TypeScript aws-cdk-lib » aws_accessanalyzer » CfnAnalyzer » InternalAccessAnalysisRuleCriteriaProperty

The criteria for an analysis rule for an internal access analyzer.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-internalaccessanalysisrulecriteria.html

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_accessanalyzer as accessanalyzer } from 'aws-cdk-lib';
const internalAccessAnalysisRuleCriteriaProperty: accessanalyzer.CfnAnalyzer.InternalAccessAnalysisRuleCriteriaProperty = {
  accountIds: ['accountIds'],
  resourceArns: ['resourceArns'],
  resourceTypes: ['resourceTypes'],
};

Properties

NameTypeDescription
accountIds?string[]A list of AWS account IDs to apply to the internal access analysis rule criteria.
resourceArns?string[]A list of resource ARNs to apply to the internal access analysis rule criteria.
resourceTypes?string[]A list of resource types to apply to the internal access analysis rule criteria.

accountIds?

Type: string[] (optional)

A list of AWS account IDs to apply to the internal access analysis rule criteria.

Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-internalaccessanalysisrulecriteria.html#cfn-accessanalyzer-analyzer-internalaccessanalysisrulecriteria-accountids

resourceArns?

Type: string[] (optional)

A list of resource ARNs to apply to the internal access analysis rule criteria.

The analyzer will only generate findings for resources that match these ARNs.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-internalaccessanalysisrulecriteria.html#cfn-accessanalyzer-analyzer-internalaccessanalysisrulecriteria-resourcearns

resourceTypes?

Type: string[] (optional)

A list of resource types to apply to the internal access analysis rule criteria.

The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:

  • AWS::S3::Bucket
  • AWS::RDS::DBSnapshot
  • AWS::RDS::DBClusterSnapshot
  • AWS::S3Express::DirectoryBucket
  • AWS::DynamoDB::Table
  • AWS::DynamoDB::Stream

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-internalaccessanalysisrulecriteria.html#cfn-accessanalyzer-analyzer-internalaccessanalysisrulecriteria-resourcetypes

PreviousNext