checkNoPublicAccess
abstract suspend fun checkNoPublicAccess(input: CheckNoPublicAccessRequest): CheckNoPublicAccessResponse
Checks whether a resource policy can grant public access to the specified resource type.
Samples
import aws.sdk.kotlin.services.accessanalyzer.model.AccessCheckResourceType
fun main() {
//sampleStart
// Passing check. S3 Bucket policy without public access.
val resp = accessAnalyzerClient.checkNoPublicAccess {
policyDocument = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Bob\",\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::111122223333:user/JohnDoe\"},\"Action\":[\"s3:GetObject\"]}]}"
resourceType = AccessCheckResourceType.fromValue("AWS::S3::Bucket")
}
//sampleEnd
}import aws.sdk.kotlin.services.accessanalyzer.model.AccessCheckResourceType
fun main() {
//sampleStart
// Failing check. S3 Bucket policy with public access.
val resp = accessAnalyzerClient.checkNoPublicAccess {
policyDocument = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Bob\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":[\"s3:GetObject\"]}]}"
resourceType = AccessCheckResourceType.fromValue("AWS::S3::Bucket")
}
//sampleEnd
}