AWS IAM Access Analyzer Analyzer
This page shows how to write Terraform and CloudFormation for IAM Access Analyzer Analyzer and write them securely.
aws_accessanalyzer_analyzer (Terraform)
The Analyzer in IAM Access Analyzer can be configured in Terraform with the resource name aws_accessanalyzer_analyzer
. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_accessanalyzer_analyzer" "default" {
analyzer_name = "default"
}
resource "aws_accessanalyzer_analyzer" "default" {
count = var.enabled ? 1 : 0
analyzer_name = var.analyzer_name
type = var.is_organization ? "ORGANIZATION" : "ACCOUNT"
resource "aws_accessanalyzer_analyzer" {
analyzer_name = "main"
tags = {}
type = "ACCOUNT"
}
resource "aws_accessanalyzer_analyzer" "example" {
analyzer_name = var.name
tags = var.tags
}
resource "aws_accessanalyzer_analyzer" "default" {
analyzer_name = "analyzer"
type = "ACCOUNT"
tags = var.tags
}
Parameters
-
analyzer_name
required - string -
arn
optional computed - string -
id
optional computed - string -
tags
optional - map from string to string -
type
optional - string
Explanation in Terraform Registry
Manages an Access Analyzer Analyzer. More information can be found in the Access Analyzer User Guide.
AWS::AccessAnalyzer::Analyzer (CloudFormation)
The Analyzer in AccessAnalyzer can be configured in CloudFormation with the resource name AWS::AccessAnalyzer::Analyzer
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::AccessAnalyzer::Analyzer
Properties:
Type: ACCOUNT
KMSKey:
Type: AWS::KMS::Key
Type: "AWS::AccessAnalyzer::Analyzer"
Properties:
Type: "ORGANIZATION"
Parameters: {}
Metadata: {}
Type: 'AWS::AccessAnalyzer::Analyzer'
Properties:
AnalyzerName: !Sub ${AWS::StackName}
Type: ACCOUNT
ArchiveRules:
- Filter:
Type: AWS::AccessAnalyzer::Analyzer
Properties:
AnalyzerName: !Sub "${IAMAccessAnalyzerName}-${AWS::Region}"
Type: ACCOUNT
Type: AWS::AccessAnalyzer::Analyzer
Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-accessanalyzer-analyzer.html
Properties:
Type: !Ref 'Type'
Outputs:
Arn:
"Type": "AWS::AccessAnalyzer::Analyzer",
"Properties": {
"AnalyzerName": "DevAccountAnalyzer",
"Type": "ACCOUNT"
}},
"myassessmenttarget": {
"resourceType": "AWS::AccessAnalyzer::Analyzer",
"filePath": null
}
]
},
{
"TargetType": "/AWS::AccessAnalyzer::Analyzer",
"Tags": []
},
{
"Name": "AWSConfigRemediation-EnableAutoScalingGroupELBHealthCheck",
"CreatedDate": "2021-03-26T15:07:18.734000+00:00",
"AWS::AccessAnalyzer::Analyzer.Filter": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-filter.html",
"Properties": {
"Contains": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-accessanalyzer-analyzer-filter.html#cfn-accessanalyzer-analyzer-filter-contains",
"UpdateType": "Mutable",
"AWS::AccessAnalyzer::Analyzer": {
"Type": "AWS::AccessAnalyzer::Analyzer",
"Properties": {}
},
"AWS::WAF::IPSet": {
"Type": "AWS::WAF::IPSet",
Parameters
-
AnalyzerName
optional - String -
ArchiveRules
optional - List of ArchiveRule -
Tags
optional - List of Tag -
Type
required - String
Explanation in CloudFormation Registry
The
AWS::AccessAnalyzer::Analyzer
resource specifies a new analyzer. The analyzer is an object that represents the IAM Access Analyzer feature. An analyzer is required for Access Analyzer to become operational.
Frequently asked questions
What is AWS IAM Access Analyzer Analyzer?
AWS IAM Access Analyzer Analyzer is a resource for IAM Access Analyzer of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS IAM Access Analyzer Analyzer?
For Terraform, the K-taiga/aws_security, anmoltoppo/Terraform and timoguin/aws-baseline source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the karimelmel/cloud-security-bootcamp, mobious999/Cloudformation and sigia-com/slgl source code examples are useful. See the CloudFormation Example section for further details.