Interface InternalAccessDetails.Builder
- All Superinterfaces:
Buildable
,CopyableBuilder<InternalAccessDetails.Builder,
,InternalAccessDetails> SdkBuilder<InternalAccessDetails.Builder,
,InternalAccessDetails> SdkPojo
- Enclosing class:
InternalAccessDetails
-
Method Summary
Modifier and TypeMethodDescriptionaccessType
(String accessType) The type of internal access identified in the finding.accessType
(InternalAccessType accessType) The type of internal access identified in the finding.The action in the analyzed policy statement that has internal access permission to use.action
(Collection<String> action) The action in the analyzed policy statement that has internal access permission to use.The condition in the analyzed policy statement that resulted in an internal access finding.The principal that has access to a resource within the internal environment.principalOwnerAccount
(String principalOwnerAccount) The Amazon Web Services account ID that owns the principal identified in the internal access finding.principalType
(String principalType) The type of principal identified in the internal access finding, such as IAM role or IAM user.principalType
(PrincipalType principalType) The type of principal identified in the internal access finding, such as IAM role or IAM user.resourceControlPolicyRestriction
(String resourceControlPolicyRestriction) The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).resourceControlPolicyRestriction
(ResourceControlPolicyRestriction resourceControlPolicyRestriction) The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).serviceControlPolicyRestriction
(String serviceControlPolicyRestriction) The type of restriction applied to the finding by an Organizations service control policy (SCP).serviceControlPolicyRestriction
(ServiceControlPolicyRestriction serviceControlPolicyRestriction) The type of restriction applied to the finding by an Organizations service control policy (SCP).sources
(Collection<FindingSource> sources) The sources of the internal access finding.sources
(Consumer<FindingSource.Builder>... sources) The sources of the internal access finding.sources
(FindingSource... sources) The sources of the internal access finding.Methods inherited from interface software.amazon.awssdk.utils.builder.CopyableBuilder
copy
Methods inherited from interface software.amazon.awssdk.utils.builder.SdkBuilder
applyMutation, build
Methods inherited from interface software.amazon.awssdk.core.SdkPojo
equalsBySdkFields, sdkFieldNameToField, sdkFields
-
Method Details
-
action
The action in the analyzed policy statement that has internal access permission to use.
- Parameters:
action
- The action in the analyzed policy statement that has internal access permission to use.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
action
The action in the analyzed policy statement that has internal access permission to use.
- Parameters:
action
- The action in the analyzed policy statement that has internal access permission to use.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
condition
The condition in the analyzed policy statement that resulted in an internal access finding.
- Parameters:
condition
- The condition in the analyzed policy statement that resulted in an internal access finding.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
principal
The principal that has access to a resource within the internal environment.
- Parameters:
principal
- The principal that has access to a resource within the internal environment.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
principalOwnerAccount
The Amazon Web Services account ID that owns the principal identified in the internal access finding.
- Parameters:
principalOwnerAccount
- The Amazon Web Services account ID that owns the principal identified in the internal access finding.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
accessType
The type of internal access identified in the finding. This indicates how the access is granted within your Amazon Web Services environment.
- Parameters:
accessType
- The type of internal access identified in the finding. This indicates how the access is granted within your Amazon Web Services environment.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
accessType
The type of internal access identified in the finding. This indicates how the access is granted within your Amazon Web Services environment.
- Parameters:
accessType
- The type of internal access identified in the finding. This indicates how the access is granted within your Amazon Web Services environment.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
principalType
The type of principal identified in the internal access finding, such as IAM role or IAM user.
- Parameters:
principalType
- The type of principal identified in the internal access finding, such as IAM role or IAM user.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
principalType
The type of principal identified in the internal access finding, such as IAM role or IAM user.
- Parameters:
principalType
- The type of principal identified in the internal access finding, such as IAM role or IAM user.- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
sources
The sources of the internal access finding. This indicates how the access that generated the finding is granted within your Amazon Web Services environment.
- Parameters:
sources
- The sources of the internal access finding. This indicates how the access that generated the finding is granted within your Amazon Web Services environment.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
sources
The sources of the internal access finding. This indicates how the access that generated the finding is granted within your Amazon Web Services environment.
- Parameters:
sources
- The sources of the internal access finding. This indicates how the access that generated the finding is granted within your Amazon Web Services environment.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
sources
The sources of the internal access finding. This indicates how the access that generated the finding is granted within your Amazon Web Services environment.
This is a convenience method that creates an instance of theFindingSource.Builder
avoiding the need to create one manually viaFindingSource.builder()
.When the
Consumer
completes,SdkBuilder.build()
is called immediately and its result is passed tosources(List<FindingSource>)
.- Parameters:
sources
- a consumer that will call methods onFindingSource.Builder
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
resourceControlPolicyRestriction
InternalAccessDetails.Builder resourceControlPolicyRestriction(String resourceControlPolicyRestriction) The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).
-
APPLICABLE
: There is an RCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLICABLE
, thens3:DeleteObject
would still be included in the list of actions for the finding. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_RCP
: There was an error evaluating the RCP. -
NOT_APPLICABLE
: There was no RCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no RCP applicable to the resource. -
APPLIED
: An RCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLIED
, thens3:DeleteObject
would not be included in the list of actions for the finding. Only applicable to internal access findings with the organization as the zone of trust.
- Parameters:
resourceControlPolicyRestriction
- The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).-
APPLICABLE
: There is an RCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLICABLE
, thens3:DeleteObject
would still be included in the list of actions for the finding. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_RCP
: There was an error evaluating the RCP. -
NOT_APPLICABLE
: There was no RCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no RCP applicable to the resource. -
APPLIED
: An RCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLIED
, thens3:DeleteObject
would not be included in the list of actions for the finding. Only applicable to internal access findings with the organization as the zone of trust.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-
resourceControlPolicyRestriction
InternalAccessDetails.Builder resourceControlPolicyRestriction(ResourceControlPolicyRestriction resourceControlPolicyRestriction) The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).
-
APPLICABLE
: There is an RCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLICABLE
, thens3:DeleteObject
would still be included in the list of actions for the finding. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_RCP
: There was an error evaluating the RCP. -
NOT_APPLICABLE
: There was no RCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no RCP applicable to the resource. -
APPLIED
: An RCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLIED
, thens3:DeleteObject
would not be included in the list of actions for the finding. Only applicable to internal access findings with the organization as the zone of trust.
- Parameters:
resourceControlPolicyRestriction
- The type of restriction applied to the finding by the resource owner with an Organizations resource control policy (RCP).-
APPLICABLE
: There is an RCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLICABLE
, thens3:DeleteObject
would still be included in the list of actions for the finding. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_RCP
: There was an error evaluating the RCP. -
NOT_APPLICABLE
: There was no RCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no RCP applicable to the resource. -
APPLIED
: An RCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. For example, ifs3:DeleteObject
is blocked by the RCP and the restriction isAPPLIED
, thens3:DeleteObject
would not be included in the list of actions for the finding. Only applicable to internal access findings with the organization as the zone of trust.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-
serviceControlPolicyRestriction
InternalAccessDetails.Builder serviceControlPolicyRestriction(String serviceControlPolicyRestriction) The type of restriction applied to the finding by an Organizations service control policy (SCP).
-
APPLICABLE
: There is an SCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_SCP
: There was an error evaluating the SCP. -
NOT_APPLICABLE
: There was no SCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no SCP applicable to the principal. -
APPLIED
: An SCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. Only applicable to internal access findings with the organization as the zone of trust.
- Parameters:
serviceControlPolicyRestriction
- The type of restriction applied to the finding by an Organizations service control policy (SCP).-
APPLICABLE
: There is an SCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_SCP
: There was an error evaluating the SCP. -
NOT_APPLICABLE
: There was no SCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no SCP applicable to the principal. -
APPLIED
: An SCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. Only applicable to internal access findings with the organization as the zone of trust.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-
serviceControlPolicyRestriction
InternalAccessDetails.Builder serviceControlPolicyRestriction(ServiceControlPolicyRestriction serviceControlPolicyRestriction) The type of restriction applied to the finding by an Organizations service control policy (SCP).
-
APPLICABLE
: There is an SCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_SCP
: There was an error evaluating the SCP. -
NOT_APPLICABLE
: There was no SCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no SCP applicable to the principal. -
APPLIED
: An SCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. Only applicable to internal access findings with the organization as the zone of trust.
- Parameters:
serviceControlPolicyRestriction
- The type of restriction applied to the finding by an Organizations service control policy (SCP).-
APPLICABLE
: There is an SCP present in the organization but IAM Access Analyzer does not include it in the evaluation of effective permissions. Only applicable to internal access findings with the account as the zone of trust. -
FAILED_TO_EVALUATE_SCP
: There was an error evaluating the SCP. -
NOT_APPLICABLE
: There was no SCP present in the organization. For internal access findings with the account as the zone of trust,NOT_APPLICABLE
could also indicate that there was no SCP applicable to the principal. -
APPLIED
: An SCP is present in the organization and IAM Access Analyzer included it in the evaluation of effective permissions. Only applicable to internal access findings with the organization as the zone of trust.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-