Skip to content

Commit

Permalink
Document the new AWS resources
Browse files Browse the repository at this point in the history 
Signed-off-by: Tim Smith <[email protected]>
  • Loading branch information
@tas50
tas50 committed Aug 8, 2024
1 parent 78fe025 commit dee231a
Show file tree
Hide file tree
Showing 4 changed files with 54 additions and 19 deletions.
5 changes: 3 additions & 2 deletions docs/mql/resources/aws-pack/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,6 @@ Resources included in this pack:
| ID | DESCRIPTION |
| ------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- |
| [aws](aws.md) | AWS resource |
| [aws.accessAnalyzer](aws.accessanalyzer.md) | AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer) |
| [aws.accessanalyzer.analyzer](aws.accessanalyzer.analyzer.md) | AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration) |
| [aws.account](aws.account.md) | AWS Account |
| [aws.acm](aws.acm.md) | AWS Certificate Manager resource (for assessing the configuration of AWS Certificate Manager) |
| [aws.acm.certificate](aws.acm.certificate.md) | AWS Certificate Manager Certificate resource (provides an object representing an individual ACM certificate) |
Expand Down Expand Up @@ -100,6 +98,9 @@ Resources included in this pack:
| [aws.guardduty](aws.guardduty.md) | Amazon GuardDuty for threat detection |
| [aws.guardduty.detector](aws.guardduty.detector.md) | Amazon GuardDuty detector |
| [aws.iam](aws.iam.md) | AWS service to create and manage permissions for users and groups |
| [aws.iam.accessAnalyzer](aws.iam.accessanalyzer.md) | AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer) |
| [aws.iam.accessanalyzer.analyzer](aws.iam.accessanalyzer.analyzer.md) | AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration) |
| [aws.iam.accessanalyzer.finding](aws.iam.accessanalyzer.finding.md) | AWS IAM Access Analyzer finding |
| [aws.iam.group](aws.iam.group.md) | AWS IAM group |
| [aws.iam.loginProfile](aws.iam.loginprofile.md) | AWS IAM login profile for a user |
| [aws.iam.policy](aws.iam.policy.md) | AWS IAM policy |
Expand Down
9 changes: 5 additions & 4 deletions ...s/aws-pack/aws.accessanalyzer.analyzer.md → ...s-pack/aws.iam.accessanalyzer.analyzer.md
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
---
title: aws.accessanalyzer.analyzer
id: aws.accessanalyzer.analyzer
sidebar_label: aws.accessanalyzer.analyzer
title: aws.iam.accessanalyzer.analyzer
id: aws.iam.accessanalyzer.analyzer
sidebar_label: aws.iam.accessanalyzer.analyzer
displayed_sidebar: MQL
description: AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration)
---

# aws.accessanalyzer.analyzer
# aws.iam.accessanalyzer.analyzer

**Supported platform**

Expand All @@ -24,6 +24,7 @@ AWS IAM Access Analyzer resource (provides an object representing an individual
| name | string | Name for the analyzer |
| status | string | Status of the analyzer: ACTIVE, CREATING, DISABLED, or FAILED |
| type | string | Type of analyzer: ACCOUNT or ORGANIZATION |
| region | string | Region where the analyzer exists |
| tags | map[string]string | Tags for the analyzer |
| lastResourceAnalyzed | string | The name of the last resource that was analyzed |
| lastResourceAnalyzedAt | time | Last scan timestamp |
Expand Down
34 changes: 34 additions & 0 deletions docs/mql/resources/aws-pack/aws.iam.accessanalyzer.finding.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
---
title: aws.iam.accessanalyzer.finding
id: aws.iam.accessanalyzer.finding
sidebar_label: aws.iam.accessanalyzer.finding
displayed_sidebar: MQL
description: AWS IAM Access Analyzer finding
---

# aws.iam.accessanalyzer.finding

**Supported platform**

- aws

**Description**

AWS IAM Access Analyzer finding

**Fields**

| ID | TYPE | DESCRIPTION |
| -------------------- | ------ | ------------------------------- |
| id | string | Finding id |
| error | string | Error Message |
| resourceArn | string | Resource |
| resourceOwnerAccount | string | Resource owner |
| resourceType | string | Resource type |
| type | string | Finding type |
| status | string | Finding Status |
| analyzedAt | time | Time the finding was generated |
| createdAt | time | Creation timestamp |
| updatedAt | time | Creation timestamp |
| region | string | Region where the finding exists |
| analyzerArn | string | Analyzer arn |
25 changes: 12 additions & 13 deletions .../resources/aws-pack/aws.accessanalyzer.md → ...ources/aws-pack/aws.iam.accessanalyzer.md
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
---
title: aws.accessAnalyzer
id: aws.accessAnalyzer
sidebar_label: aws.accessAnalyzer
title: aws.iam.accessAnalyzer
id: aws.iam.accessAnalyzer
sidebar_label: aws.iam.accessAnalyzer
displayed_sidebar: MQL
description: AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer)
---

# aws.accessAnalyzer
# aws.iam.accessAnalyzer

**Supported platform**

Expand All @@ -16,26 +16,25 @@ description: AWS IAM Access Analyzer resource (for assessing the configuration o

AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer)

The `aws.accessAnalyzer` resource returns a list AWS IAM Access Analyzers configured across the AWS account.

**Fields**

| ID | TYPE | DESCRIPTION |
| --------- | ----------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ |
| analyzers | &#91;&#93;[aws.accessanalyzer.analyzer](aws.accessanalyzer.analyzer.md) | List of `aws.accessanalyzer.analyzer` objects for all AWS IAM Access Analyzers configured within the account |
| ID | TYPE | DESCRIPTION |
| --------- | ------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- |
| analyzers | &#91;&#93;[aws.iam.accessanalyzer.analyzer](aws.iam.accessanalyzer.analyzer.md) | List of `aws.iam.accessanalyzer.analyzer` objects for all AWS IAM Access Analyzers configured within the account |
| findings | &#91;&#93;[aws.iam.accessanalyzer.finding](aws.iam.accessanalyzer.finding.md) | List all active findings for all analyzers and regions |

**Examples**

Return a list of AWS IAM Access Analyzers configured across the AWS account

```coffee
aws.accessAnalyzer.analyzers
aws.iam.accessAnalyzer.analyzers
```

Return a list of `aws.accessAnalyzer.analyzer` resources and the value for specified fields
Return a list of `aws.iam.accessAnalyzer.analyzer` resources and the value for specified fields

```coffee
aws.accessAnalyzer.analyzers {
aws.iam.accessAnalyzer.analyzers {
arn
name
status
Expand All @@ -46,7 +45,7 @@ aws.accessAnalyzer.analyzers {
Ensure that IAM Access analyzer is enabled for all regions

```coffee
aws.accessAnalyzer.analyzers.all(
aws.iam.accessAnalyzer.analyzers.all(
status == "ACTIVE"
)
```
Expand Down

0 comments on commit dee231a

Please sign in to comment.