Get Existing Least Privilege Access Suggestions for an Asset

GET 
/iam/api/v1/assets/:assetId/existing-least-privileged-access

Suggest least privileged access from existing resources according to the asset. This configuration will minimize the amount of policies/roles used while preserve all the actions used in the last specified last X days

Request

Path Parameters

assetId stringrequired
the UAI asset Id
Example: 681390424b288d835f5cd03e7bfb0993

Query Parameters

output_format int32required
Output format type. One of: JSON / TERRAFORM/ CF
Example: JSON
lookback_duration_days int32required
Amount of days to look back for used actions
Example: 90

Responses

200

OK

application/json

Schema

Schema

nextPageToken string

Next page token

permissionsInAssetCount int32

Number of actions in asset

permissionsInLeastPrivilegedCount int32

Number of actions in least privileged access

analysis object[]
Least Privileged result analysis
Array [
action string
configurationName string
keep boolean
]
value object[]
Least Privileged Access items
Array [
iamResourceName string
The name of the iam resource
iamResourceId string
The id of the iam resource
iamResourceType string
The type of iam resource
formatType string
Format type of the access policy
snippet string
The access policy
]

Example (from schema)

{
  "nextPageToken": "++fdfkjsdlfsdfdFDSFDFSDFdfdssfdFDS",
  "permissionsInAssetCount": 10,
  "permissionsInLeastPrivilegedCount": 10,
  "analysis": [
    {
      "action": "string",
      "configurationName": "string",
      "keep": true
    }
  ],
  "value": [
    {
      "iamResourceName": "MyIamResource",
      "iamResourceId": "rrn:aws:iamRole::123456789012:3fab987adf7c268519219cdfe5a4c4c2d4dc:AROAXHNDH53GWC2HSVKSR",
      "iamResourceType": "AWS_POLICY",
      "formatType": "TERRAFORM",
      "snippet": "A Terraform code for creating a policy"
    }
  ]
}

400

Bad request

application/json

Schema

Schema

error object
code stringrequired
message stringrequired
target string
details string[]
innerError

Example (from schema)

{
  "error": {
    "code": "string",
    "message": "string",
    "target": "string",
    "details": [
      "string"
    ]
  }
}

401

Unauthorized

application/json

Schema

Schema

error object
code stringrequired
message stringrequired
target string
details string[]
innerError

Example (from schema)

{
  "error": {
    "code": "string",
    "message": "string",
    "target": "string",
    "details": [
      "string"
    ]
  }
}

403

Forbidden

application/json

Schema

Schema

error object
code stringrequired
message stringrequired
target string
details string[]
innerError

Example (from schema)

{
  "error": {
    "code": "string",
    "message": "string",
    "target": "string",
    "details": [
      "string"
    ]
  }
}

404

Not found

application/json

Schema

Schema

error object
code stringrequired
message stringrequired
target string
details string[]
innerError

Example (from schema)

{
  "error": {
    "code": "string",
    "message": "string",
    "target": "string",
    "details": [
      "string"
    ]
  }
}

429

Throttled

Response Headers

• X-RateLimit-Remaining integer
• X-RateLimit-Requested-Tokens integer
• X-RateLimit-Burst-Capacity integer
• X-RateLimit-Replenish-Rate integer

Loading...