diff --git a/docs/mql/resources/aws-pack/README.md b/docs/mql/resources/aws-pack/README.md index beaa65c20..5a4583c59 100644 --- a/docs/mql/resources/aws-pack/README.md +++ b/docs/mql/resources/aws-pack/README.md @@ -15,8 +15,6 @@ Resources included in this pack: | ID | DESCRIPTION | | ------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | | [aws](aws.md) | AWS resource | -| [aws.accessAnalyzer](aws.accessanalyzer.md) | AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer) | -| [aws.accessanalyzer.analyzer](aws.accessanalyzer.analyzer.md) | AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration) | | [aws.account](aws.account.md) | AWS Account | | [aws.acm](aws.acm.md) | AWS Certificate Manager resource (for assessing the configuration of AWS Certificate Manager) | | [aws.acm.certificate](aws.acm.certificate.md) | AWS Certificate Manager Certificate resource (provides an object representing an individual ACM certificate) | @@ -100,6 +98,9 @@ Resources included in this pack: | [aws.guardduty](aws.guardduty.md) | Amazon GuardDuty for threat detection | | [aws.guardduty.detector](aws.guardduty.detector.md) | Amazon GuardDuty detector | | [aws.iam](aws.iam.md) | AWS service to create and manage permissions for users and groups | +| [aws.iam.accessAnalyzer](aws.iam.accessanalyzer.md) | AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer) | +| [aws.iam.accessanalyzer.analyzer](aws.iam.accessanalyzer.analyzer.md) | AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration) | +| [aws.iam.accessanalyzer.finding](aws.iam.accessanalyzer.finding.md) | AWS IAM Access Analyzer finding | | [aws.iam.group](aws.iam.group.md) | AWS IAM group | | [aws.iam.loginProfile](aws.iam.loginprofile.md) | AWS IAM login profile for a user | | [aws.iam.policy](aws.iam.policy.md) | AWS IAM policy | diff --git a/docs/mql/resources/aws-pack/aws.accessanalyzer.analyzer.md b/docs/mql/resources/aws-pack/aws.iam.accessanalyzer.analyzer.md similarity index 84% rename from docs/mql/resources/aws-pack/aws.accessanalyzer.analyzer.md rename to docs/mql/resources/aws-pack/aws.iam.accessanalyzer.analyzer.md index 3d33ea7a2..663e60731 100644 --- a/docs/mql/resources/aws-pack/aws.accessanalyzer.analyzer.md +++ b/docs/mql/resources/aws-pack/aws.iam.accessanalyzer.analyzer.md @@ -1,12 +1,12 @@ --- -title: aws.accessanalyzer.analyzer -id: aws.accessanalyzer.analyzer -sidebar_label: aws.accessanalyzer.analyzer +title: aws.iam.accessanalyzer.analyzer +id: aws.iam.accessanalyzer.analyzer +sidebar_label: aws.iam.accessanalyzer.analyzer displayed_sidebar: MQL description: AWS IAM Access Analyzer resource (provides an object representing an individual AWS IAM Access Analyzer configuration) --- -# aws.accessanalyzer.analyzer +# aws.iam.accessanalyzer.analyzer **Supported platform** @@ -24,6 +24,7 @@ AWS IAM Access Analyzer resource (provides an object representing an individual | name | string | Name for the analyzer | | status | string | Status of the analyzer: ACTIVE, CREATING, DISABLED, or FAILED | | type | string | Type of analyzer: ACCOUNT or ORGANIZATION | +| region | string | Region where the analyzer exists | | tags | map[string]string | Tags for the analyzer | | lastResourceAnalyzed | string | The name of the last resource that was analyzed | | lastResourceAnalyzedAt | time | Last scan timestamp | diff --git a/docs/mql/resources/aws-pack/aws.iam.accessanalyzer.finding.md b/docs/mql/resources/aws-pack/aws.iam.accessanalyzer.finding.md new file mode 100644 index 000000000..7969e2995 --- /dev/null +++ b/docs/mql/resources/aws-pack/aws.iam.accessanalyzer.finding.md @@ -0,0 +1,34 @@ +--- +title: aws.iam.accessanalyzer.finding +id: aws.iam.accessanalyzer.finding +sidebar_label: aws.iam.accessanalyzer.finding +displayed_sidebar: MQL +description: AWS IAM Access Analyzer finding +--- + +# aws.iam.accessanalyzer.finding + +**Supported platform** + +- aws + +**Description** + +AWS IAM Access Analyzer finding + +**Fields** + +| ID | TYPE | DESCRIPTION | +| -------------------- | ------ | ------------------------------- | +| id | string | Finding id | +| error | string | Error Message | +| resourceArn | string | Resource | +| resourceOwnerAccount | string | Resource owner | +| resourceType | string | Resource type | +| type | string | Finding type | +| status | string | Finding Status | +| analyzedAt | time | Time the finding was generated | +| createdAt | time | Creation timestamp | +| updatedAt | time | Creation timestamp | +| region | string | Region where the finding exists | +| analyzerArn | string | Analyzer arn | diff --git a/docs/mql/resources/aws-pack/aws.accessanalyzer.md b/docs/mql/resources/aws-pack/aws.iam.accessanalyzer.md similarity index 50% rename from docs/mql/resources/aws-pack/aws.accessanalyzer.md rename to docs/mql/resources/aws-pack/aws.iam.accessanalyzer.md index 94bd2b87b..952d73aa8 100644 --- a/docs/mql/resources/aws-pack/aws.accessanalyzer.md +++ b/docs/mql/resources/aws-pack/aws.iam.accessanalyzer.md @@ -1,12 +1,12 @@ --- -title: aws.accessAnalyzer -id: aws.accessAnalyzer -sidebar_label: aws.accessAnalyzer +title: aws.iam.accessAnalyzer +id: aws.iam.accessAnalyzer +sidebar_label: aws.iam.accessAnalyzer displayed_sidebar: MQL description: AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer) --- -# aws.accessAnalyzer +# aws.iam.accessAnalyzer **Supported platform** @@ -16,26 +16,25 @@ description: AWS IAM Access Analyzer resource (for assessing the configuration o AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer) -The `aws.accessAnalyzer` resource returns a list AWS IAM Access Analyzers configured across the AWS account. - **Fields** -| ID | TYPE | DESCRIPTION | -| --------- | ----------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ | -| analyzers | [][aws.accessanalyzer.analyzer](aws.accessanalyzer.analyzer.md) | List of `aws.accessanalyzer.analyzer` objects for all AWS IAM Access Analyzers configured within the account | +| ID | TYPE | DESCRIPTION | +| --------- | ------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- | +| analyzers | [][aws.iam.accessanalyzer.analyzer](aws.iam.accessanalyzer.analyzer.md) | List of `aws.iam.accessanalyzer.analyzer` objects for all AWS IAM Access Analyzers configured within the account | +| findings | [][aws.iam.accessanalyzer.finding](aws.iam.accessanalyzer.finding.md) | List all active findings for all analyzers and regions | **Examples** Return a list of AWS IAM Access Analyzers configured across the AWS account ```coffee -aws.accessAnalyzer.analyzers +aws.iam.accessAnalyzer.analyzers ``` -Return a list of `aws.accessAnalyzer.analyzer` resources and the value for specified fields +Return a list of `aws.iam.accessAnalyzer.analyzer` resources and the value for specified fields ```coffee -aws.accessAnalyzer.analyzers { +aws.iam.accessAnalyzer.analyzers { arn name status @@ -46,7 +45,7 @@ aws.accessAnalyzer.analyzers { Ensure that IAM Access analyzer is enabled for all regions ```coffee -aws.accessAnalyzer.analyzers.all( +aws.iam.accessAnalyzer.analyzers.all( status == "ACTIVE" ) ```