-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #221 from stackql/feature/provider
updated aws
- Loading branch information
Showing
219 changed files
with
359,784 additions
and
128,388 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
223 changes: 223 additions & 0 deletions
223
providers/src/aws/v00.00.00000/services/accessanalyzer.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,223 @@ | ||
| openapi: 3.0.0 | ||
| info: | ||
| title: AccessAnalyzer | ||
| version: 1.0.0 | ||
| paths: {} | ||
| components: | ||
| schemas: | ||
| ArchiveRule: | ||
| description: An Access Analyzer archive rule. Archive rules automatically archive new findings that meet the criteria you define when you create the rule. | ||
| type: object | ||
| properties: | ||
| Filter: | ||
| type: array | ||
| x-insertionOrder: false | ||
| minItems: 1 | ||
| items: | ||
| $ref: '#/components/schemas/Filter' | ||
| RuleName: | ||
| type: string | ||
| description: The archive rule name | ||
| required: | ||
| - Filter | ||
| - RuleName | ||
| additionalProperties: false | ||
| Filter: | ||
| type: object | ||
| properties: | ||
| Contains: | ||
| type: array | ||
| x-insertionOrder: false | ||
| items: | ||
| type: string | ||
| Eq: | ||
| type: array | ||
| x-insertionOrder: false | ||
| items: | ||
| type: string | ||
| Exists: | ||
| type: boolean | ||
| Property: | ||
| type: string | ||
| Neq: | ||
| type: array | ||
| x-insertionOrder: false | ||
| items: | ||
| type: string | ||
| required: | ||
| - Property | ||
| additionalProperties: false | ||
| Tag: | ||
| description: A key-value pair to associate with a resource. | ||
| type: object | ||
| properties: | ||
| Key: | ||
| type: string | ||
| description: 'The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' | ||
| minLength: 1 | ||
| maxLength: 127 | ||
| Value: | ||
| type: string | ||
| description: 'The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ' | ||
| minLength: 1 | ||
| maxLength: 255 | ||
| required: | ||
| - Key | ||
| - Value | ||
| additionalProperties: false | ||
| UnusedAccessConfiguration: | ||
| description: The Configuration for Unused Access Analyzer | ||
| type: object | ||
| properties: | ||
| UnusedAccessAge: | ||
| description: The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 180 days. | ||
| type: integer | ||
| minimum: 1 | ||
| maximum: 180 | ||
| additionalProperties: false | ||
| Analyzer: | ||
| type: object | ||
| properties: | ||
| AnalyzerName: | ||
| description: Analyzer name | ||
| type: string | ||
| minLength: 1 | ||
| maxLength: 1024 | ||
| ArchiveRules: | ||
| type: array | ||
| x-insertionOrder: false | ||
| items: | ||
| $ref: '#/components/schemas/ArchiveRule' | ||
| Arn: | ||
| description: Amazon Resource Name (ARN) of the analyzer | ||
| type: string | ||
| minLength: 1 | ||
| maxLength: 1600 | ||
| Tags: | ||
| type: array | ||
| maxItems: 50 | ||
| x-insertionOrder: false | ||
| uniqueItems: true | ||
| description: An array of key-value pairs to apply to this resource. | ||
| items: | ||
| $ref: '#/components/schemas/Tag' | ||
| Type: | ||
| description: The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS | ||
| type: string | ||
| minLength: 0 | ||
| maxLength: 1024 | ||
| AnalyzerConfiguration: | ||
| description: The configuration for the analyzer | ||
| type: object | ||
| properties: | ||
| UnusedAccessConfiguration: | ||
| $ref: '#/components/schemas/UnusedAccessConfiguration' | ||
| additionalProperties: false | ||
| required: | ||
| - Type | ||
| x-stackql-resource-name: analyzer | ||
| description: The AWS::AccessAnalyzer::Analyzer type specifies an analyzer of the user's account | ||
| x-type-name: AWS::AccessAnalyzer::Analyzer | ||
| x-stackql-primary-identifier: | ||
| - Arn | ||
| x-create-only-properties: | ||
| - AnalyzerName | ||
| - Type | ||
| - AnalyzerConfiguration | ||
| x-read-only-properties: | ||
| - Arn | ||
| x-required-properties: | ||
| - Type | ||
| x-tagging: | ||
| taggable: true | ||
| tagOnCreate: true | ||
| tagUpdatable: true | ||
| cloudFormationSystemTags: true | ||
| tagProperty: /properties/Tags | ||
| x-required-permissions: | ||
| create: | ||
| - access-analyzer:CreateAnalyzer | ||
| - access-analyzer:TagResource | ||
| - iam:CreateServiceLinkedRole | ||
| - organizations:ListAWSServiceAccessForOrganization | ||
| - organizations:ListDelegatedAdministrators | ||
| read: | ||
| - access-analyzer:ListAnalyzers | ||
| - access-analyzer:GetAnalyzer | ||
| - access-analyzer:ListArchiveRules | ||
| update: | ||
| - access-analyzer:CreateArchiveRule | ||
| - access-analyzer:DeleteArchiveRule | ||
| - access-analyzer:ListAnalyzers | ||
| - access-analyzer:TagResource | ||
| - access-analyzer:UntagResource | ||
| - access-analyzer:UpdateArchiveRule | ||
| delete: | ||
| - access-analyzer:DeleteAnalyzer | ||
| list: | ||
| - access-analyzer:ListAnalyzers | ||
| x-stackQL-resources: | ||
| analyzers: | ||
| name: analyzers | ||
| id: aws.accessanalyzer.analyzers | ||
| x-cfn-schema-name: Analyzer | ||
| x-type: list | ||
| x-identifiers: | ||
| - Arn | ||
| config: | ||
| views: | ||
| select: | ||
| predicate: sqlDialect == "sqlite3" | ||
| ddl: |- | ||
| SELECT | ||
| region, | ||
| JSON_EXTRACT(Properties, '$.Arn') as arn | ||
| FROM aws.cloud_control.resources WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' | ||
| AND region = 'us-east-1' | ||
| fallback: | ||
| predicate: sqlDialect == "postgres" | ||
| ddl: |- | ||
| SELECT | ||
| region, | ||
| json_extract_path_text(Properties, 'Arn') as arn | ||
| FROM aws.cloud_control.resources WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' | ||
| AND region = 'us-east-1' | ||
| analyzer: | ||
| name: analyzer | ||
| id: aws.accessanalyzer.analyzer | ||
| x-cfn-schema-name: Analyzer | ||
| x-type: get | ||
| x-identifiers: | ||
| - Arn | ||
| config: | ||
| views: | ||
| select: | ||
| predicate: sqlDialect == "sqlite3" | ||
| ddl: |- | ||
| SELECT | ||
| region, | ||
| data__Identifier, | ||
| JSON_EXTRACT(Properties, '$.AnalyzerName') as analyzer_name, | ||
| JSON_EXTRACT(Properties, '$.ArchiveRules') as archive_rules, | ||
| JSON_EXTRACT(Properties, '$.Arn') as arn, | ||
| JSON_EXTRACT(Properties, '$.Tags') as tags, | ||
| JSON_EXTRACT(Properties, '$.Type') as type, | ||
| JSON_EXTRACT(Properties, '$.AnalyzerConfiguration') as analyzer_configuration | ||
| FROM aws.cloud_control.resource WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' | ||
| AND data__Identifier = '<Arn>' | ||
| AND region = 'us-east-1' | ||
| fallback: | ||
| predicate: sqlDialect == "postgres" | ||
| ddl: |- | ||
| SELECT | ||
| region, | ||
| data__Identifier, | ||
| json_extract_path_text(Properties, 'AnalyzerName') as analyzer_name, | ||
| json_extract_path_text(Properties, 'ArchiveRules') as archive_rules, | ||
| json_extract_path_text(Properties, 'Arn') as arn, | ||
| json_extract_path_text(Properties, 'Tags') as tags, | ||
| json_extract_path_text(Properties, 'Type') as type, | ||
| json_extract_path_text(Properties, 'AnalyzerConfiguration') as analyzer_configuration | ||
| FROM aws.cloud_control.resource WHERE data__TypeName = 'AWS::AccessAnalyzer::Analyzer' | ||
| AND data__Identifier = '<Arn>' | ||
| AND region = 'us-east-1' |
Oops, something went wrong.