libZSservicesZSamazonka-accessanalyzerZSamazonka-accessanalyzer
Copyright(c) 2013-2021 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay+amazonka@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone

Amazonka.AccessAnalyzer.ValidatePolicy

Description

Requests the validation of a policy and returns a list of findings. The findings help you identify issues and provide actionable recommendations to resolve the issue and enable you to author functional policies that meet security best practices.

This operation returns paginated results.

Synopsis

Creating a Request

data ValidatePolicy Source #

See: newValidatePolicy smart constructor.

Constructors

ValidatePolicy' 

Fields

  • locale :: Maybe Locale

    The locale to use for localizing the findings.

  • nextToken :: Maybe Text

    A token used for pagination of results returned.

  • maxResults :: Maybe Int

    The maximum number of results to return in the response.

  • policyDocument :: Text

    The JSON policy document to use as the content for the policy.

  • policyType :: PolicyType

    The type of policy to validate. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups. They also include service-control policies (SCPs) that are attached to an Amazon Web Services organization, organizational unit (OU), or an account.

    Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.

Instances

Instances details
Eq ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Read ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Show ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Generic ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Associated Types

type Rep ValidatePolicy :: Type -> Type #

NFData ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Methods

rnf :: ValidatePolicy -> () #

Hashable ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

ToJSON ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

AWSPager ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

AWSRequest ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Associated Types

type AWSResponse ValidatePolicy #

ToHeaders ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

ToPath ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

ToQuery ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

type Rep ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

type Rep ValidatePolicy = D1 ('MetaData "ValidatePolicy" "Amazonka.AccessAnalyzer.ValidatePolicy" "libZSservicesZSamazonka-accessanalyzerZSamazonka-accessanalyzer" 'False) (C1 ('MetaCons "ValidatePolicy'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "locale") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Locale)) :*: S1 ('MetaSel ('Just "nextToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :*: (S1 ('MetaSel ('Just "maxResults") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Int)) :*: (S1 ('MetaSel ('Just "policyDocument") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "policyType") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 PolicyType)))))
type AWSResponse ValidatePolicy Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

newValidatePolicy Source #

Create a value of ValidatePolicy with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:locale:ValidatePolicy', validatePolicy_locale - The locale to use for localizing the findings.

$sel:nextToken:ValidatePolicy', validatePolicy_nextToken - A token used for pagination of results returned.

$sel:maxResults:ValidatePolicy', validatePolicy_maxResults - The maximum number of results to return in the response.

$sel:policyDocument:ValidatePolicy', validatePolicy_policyDocument - The JSON policy document to use as the content for the policy.

$sel:policyType:ValidatePolicy', validatePolicy_policyType - The type of policy to validate. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups. They also include service-control policies (SCPs) that are attached to an Amazon Web Services organization, organizational unit (OU), or an account.

Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.

Request Lenses

validatePolicy_locale :: Lens' ValidatePolicy (Maybe Locale) Source #

The locale to use for localizing the findings.

validatePolicy_nextToken :: Lens' ValidatePolicy (Maybe Text) Source #

A token used for pagination of results returned.

validatePolicy_maxResults :: Lens' ValidatePolicy (Maybe Int) Source #

The maximum number of results to return in the response.

validatePolicy_policyDocument :: Lens' ValidatePolicy Text Source #

The JSON policy document to use as the content for the policy.

validatePolicy_policyType :: Lens' ValidatePolicy PolicyType Source #

The type of policy to validate. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups. They also include service-control policies (SCPs) that are attached to an Amazon Web Services organization, organizational unit (OU), or an account.

Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.

Destructuring the Response

data ValidatePolicyResponse Source #

See: newValidatePolicyResponse smart constructor.

Constructors

ValidatePolicyResponse' 

Fields

Instances

Instances details
Eq ValidatePolicyResponse Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Read ValidatePolicyResponse Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Show ValidatePolicyResponse Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Generic ValidatePolicyResponse Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Associated Types

type Rep ValidatePolicyResponse :: Type -> Type #

NFData ValidatePolicyResponse Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

Methods

rnf :: ValidatePolicyResponse -> () #

type Rep ValidatePolicyResponse Source # 
Instance details

Defined in Amazonka.AccessAnalyzer.ValidatePolicy

type Rep ValidatePolicyResponse = D1 ('MetaData "ValidatePolicyResponse" "Amazonka.AccessAnalyzer.ValidatePolicy" "libZSservicesZSamazonka-accessanalyzerZSamazonka-accessanalyzer" 'False) (C1 ('MetaCons "ValidatePolicyResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "nextToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int) :*: S1 ('MetaSel ('Just "findings") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 [ValidatePolicyFinding]))))

newValidatePolicyResponse Source #

Create a value of ValidatePolicyResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:nextToken:ValidatePolicy', validatePolicyResponse_nextToken - A token used for pagination of results returned.

$sel:httpStatus:ValidatePolicyResponse', validatePolicyResponse_httpStatus - The response's http status code.

$sel:findings:ValidatePolicyResponse', validatePolicyResponse_findings - The list of findings in a policy returned by IAM Access Analyzer based on its suite of policy checks.

Response Lenses

validatePolicyResponse_nextToken :: Lens' ValidatePolicyResponse (Maybe Text) Source #

A token used for pagination of results returned.

validatePolicyResponse_findings :: Lens' ValidatePolicyResponse [ValidatePolicyFinding] Source #

The list of findings in a policy returned by IAM Access Analyzer based on its suite of policy checks.