aws_sdk_accessanalyzer/client/check_access_not_granted.rs
1// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
2impl super::Client {
3 /// Constructs a fluent builder for the [`CheckAccessNotGranted`](crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder) operation.
4 ///
5 /// - The fluent builder is configurable:
6 /// - [`policy_document(impl Into<String>)`](crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder::policy_document) / [`set_policy_document(Option<String>)`](crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder::set_policy_document):<br>required: **true**<br><p>The JSON policy document to use as the content for the policy.</p><br>
7 /// - [`access(Access)`](crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder::access) / [`set_access(Option<Vec::<Access>>)`](crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder::set_access):<br>required: **true**<br><p>An access object containing the permissions that shouldn't be granted by the specified policy. If only actions are specified, IAM Access Analyzer checks for access to peform at least one of the actions on any resource in the policy. If only resources are specified, then IAM Access Analyzer checks for access to perform any action on at least one of the resources. If both actions and resources are specified, IAM Access Analyzer checks for access to perform at least one of the specified actions on at least one of the specified resources.</p><br>
8 /// - [`policy_type(AccessCheckPolicyType)`](crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder::policy_type) / [`set_policy_type(Option<AccessCheckPolicyType>)`](crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder::set_policy_type):<br>required: **true**<br><p>The type of policy. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups.</p> <p>Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets.</p><br>
9 /// - On success, responds with [`CheckAccessNotGrantedOutput`](crate::operation::check_access_not_granted::CheckAccessNotGrantedOutput) with field(s):
10 /// - [`result(Option<CheckAccessNotGrantedResult>)`](crate::operation::check_access_not_granted::CheckAccessNotGrantedOutput::result): <p>The result of the check for whether the access is allowed. If the result is <code>PASS</code>, the specified policy doesn't allow any of the specified permissions in the access object. If the result is <code>FAIL</code>, the specified policy might allow some or all of the permissions in the access object.</p>
11 /// - [`message(Option<String>)`](crate::operation::check_access_not_granted::CheckAccessNotGrantedOutput::message): <p>The message indicating whether the specified access is allowed.</p>
12 /// - [`reasons(Option<Vec::<ReasonSummary>>)`](crate::operation::check_access_not_granted::CheckAccessNotGrantedOutput::reasons): <p>A description of the reasoning of the result.</p>
13 /// - On failure, responds with [`SdkError<CheckAccessNotGrantedError>`](crate::operation::check_access_not_granted::CheckAccessNotGrantedError)
14 pub fn check_access_not_granted(&self) -> crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder {
15 crate::operation::check_access_not_granted::builders::CheckAccessNotGrantedFluentBuilder::new(self.handle.clone())
16 }
17}