class Aws::AccessAnalyzer::Types::AccessPreviewFinding

An access preview finding generated by the access preview.

@!attribute [rw] action

The action in the analyzed policy statement that an external
principal has permission to perform.
@return [Array<String>]

@!attribute [rw] change_type

Provides context on how the access preview finding compares to
existing access identified in IAM Access Analyzer.

* `New` - The finding is for newly-introduced access.

* `Unchanged` - The preview finding is an existing finding that
  would remain unchanged.

* `Changed` - The preview finding is an existing finding with a
  change in status.

For example, a `Changed` finding with preview status `Resolved` and
existing status `Active` indicates the existing `Active` finding
would become `Resolved` as a result of the proposed permissions
change.
@return [String]

@!attribute [rw] condition

The condition in the analyzed policy statement that resulted in a
finding.
@return [Hash<String,String>]

@!attribute [rw] created_at

The time at which the access preview finding was created.
@return [Time]

@!attribute [rw] error

An error.
@return [String]

@!attribute [rw] existing_finding_id

The existing ID of the finding in IAM Access Analyzer, provided only
for existing findings.
@return [String]

@!attribute [rw] existing_finding_status

The existing status of the finding, provided only for existing
findings.
@return [String]

@!attribute [rw] id

The ID of the access preview finding. This ID uniquely identifies
the element in the list of access preview findings and is not
related to the finding ID in Access Analyzer.
@return [String]

@!attribute [rw] is_public

Indicates whether the policy that generated the finding allows
public access to the resource.
@return [Boolean]

@!attribute [rw] principal

The external principal that has access to a resource within the zone
of trust.
@return [Hash<String,String>]

@!attribute [rw] resource

The resource that an external principal has access to. This is the
resource associated with the access preview.
@return [String]

@!attribute [rw] resource_owner_account

The Amazon Web Services account ID that owns the resource. For most
Amazon Web Services resources, the owning account is the account in
which the resource was created.
@return [String]

@!attribute [rw] resource_type

The type of the resource that can be accessed in the finding.
@return [String]

@!attribute [rw] sources

The sources of the finding. This indicates how the access that
generated the finding is granted. It is populated for Amazon S3
bucket findings.
@return [Array<Types::FindingSource>]

@!attribute [rw] status

The preview status of the finding. This is what the status of the
finding would be after permissions deployment. For example, a
`Changed` finding with preview status `Resolved` and existing status
`Active` indicates the existing `Active` finding would become
`Resolved` as a result of the proposed permissions change.
@return [String]

@see docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/AccessPreviewFinding AWS API Documentation

Constants

SENSITIVE