Skip to content

/AWS1/CL_AANINTERNALACCALYRL00

The criteria for an analysis rule for an internal access analyzer.

CONSTRUCTOR

IMPORTING

Optional arguments:

it_accountids TYPE /AWS1/CL_AANACCOUNTIDSLIST_W=>TT_ACCOUNTIDSLIST TT_ACCOUNTIDSLIST

A list of Amazon Web Services account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.

it_resourcetypes TYPE /AWS1/CL_AANRESOURCETYPELIST_W=>TT_RESOURCETYPELIST TT_RESOURCETYPELIST

A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:

  • AWS::S3::Bucket

  • AWS::RDS::DBSnapshot

  • AWS::RDS::DBClusterSnapshot

  • AWS::S3Express::DirectoryBucket

  • AWS::DynamoDB::Table

  • AWS::DynamoDB::Stream

it_resourcearns TYPE /AWS1/CL_AANRESOURCEARNSLIST_W=>TT_RESOURCEARNSLIST TT_RESOURCEARNSLIST

A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.

Queryable Attributes

accountIds

A list of Amazon Web Services account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.

Accessible with the following methods

Method Description
GET_ACCOUNTIDS() Getter for ACCOUNTIDS, with configurable default
ASK_ACCOUNTIDS() Getter for ACCOUNTIDS w/ exceptions if field has no value
HAS_ACCOUNTIDS() Determine if ACCOUNTIDS has a value

resourceTypes

A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. These resource types are currently supported for internal access analyzers:

  • AWS::S3::Bucket

  • AWS::RDS::DBSnapshot

  • AWS::RDS::DBClusterSnapshot

  • AWS::S3Express::DirectoryBucket

  • AWS::DynamoDB::Table

  • AWS::DynamoDB::Stream

Accessible with the following methods

Method Description
GET_RESOURCETYPES() Getter for RESOURCETYPES, with configurable default
ASK_RESOURCETYPES() Getter for RESOURCETYPES w/ exceptions if field has no value
HAS_RESOURCETYPES() Determine if RESOURCETYPES has a value

resourceArns

A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.

Accessible with the following methods

Method Description
GET_RESOURCEARNS() Getter for RESOURCEARNS, with configurable default
ASK_RESOURCEARNS() Getter for RESOURCEARNS w/ exceptions if field has no value
HAS_RESOURCEARNS() Determine if RESOURCEARNS has a value

Public Local Types In This Class

Internal table types, representing arrays and maps of this class, are defined as local types:

TT_INTERNALACCALYRULECRITLIST

TYPES TT_INTERNALACCALYRULECRITLIST TYPE STANDARD TABLE OF REF TO /AWS1/CL_AANINTERNALACCALYRL00 WITH DEFAULT KEY
.