Skip to content

Get Generated Policy

accessanalyzer_get_generated_policy R Documentation

Retrieves the policy that was generated using StartPolicyGeneration

Description

Retrieves the policy that was generated using start_policy_generation.

Usage

accessanalyzer_get_generated_policy(jobId, includeResourcePlaceholders,
  includeServiceLevelTemplate)

Arguments

jobId

[required] The JobId that is returned by the start_policy_generation operation. The JobId can be used with get_generated_policy to retrieve the generated policies or used with cancel_policy_generation to cancel the policy generation request.

includeResourcePlaceholders

The level of detail that you want to generate. You can specify whether to generate policies with placeholders for resource ARNs for actions that support resource level granularity in policies.

For example, in the resource section of a policy, you can receive a placeholder such as "Resource":"arn:aws:s3:::${BucketName}" instead of "*".

includeServiceLevelTemplate

The level of detail that you want to generate. You can specify whether to generate service-level policies.

IAM Access Analyzer uses iam:servicelastaccessed to identify services that have been used recently to create this service-level template.

Value

A list with the following syntax: 

list(
  jobDetails = list(
    jobId = "string",
    status = "IN_PROGRESS"|"SUCCEEDED"|"FAILED"|"CANCELED",
    startedOn = as.POSIXct(
      "2015-01-01"
    ),
    completedOn = as.POSIXct(
      "2015-01-01"
    ),
    jobError = list(
      code = "AUTHORIZATION_ERROR"|"RESOURCE_NOT_FOUND_ERROR"|"SERVICE_QUOTA_EXCEEDED_ERROR"|"SERVICE_ERROR",
      message = "string"
    )
  ),
  generatedPolicyResult = list(
    properties = list(
      isComplete = TRUE|FALSE,
      principalArn = "string",
      cloudTrailProperties = list(
        trailProperties = list(
          list(
            cloudTrailArn = "string",
            regions = list(
              "string"
            ),
            allRegions = TRUE|FALSE
          )
        ),
        startTime = as.POSIXct(
          "2015-01-01"
        ),
        endTime = as.POSIXct(
          "2015-01-01"
        )
      )
    ),
    generatedPolicies = list(
      list(
        policy = "string"
      )
    )
  )
)

Request syntax

svc$get_generated_policy(
  jobId = "string",
  includeResourcePlaceholders = TRUE|FALSE,
  includeServiceLevelTemplate = TRUE|FALSE
)