تشغيل أي مهارة في Manus بنقرة واحدة

aws-accessanalyzer

IAM Access Analyzer via AWS CLI v2 (`aws accessanalyzer`). Analyzers, findings, archive rules, access previews, policy tools.

تشغيل في Manus

نظرة عامة

IAM Access Analyzer via AWS CLI v2 (`aws accessanalyzer`). Analyzers, findings, archive rules, access previews, policy tools.

أمر التثبيت

npx skills add https://github.com/chrishuffman5/awscliskills --skill aws-accessanalyzer

انسخ والصق هذا الأمر في Claude Code لتثبيت المهارة

المصدر

chrishuffman5/awscliskills

النجوم٠

التفرعات٠

آخر تحديث٢٧ مايو ٢٠٢٦ في ٢٢:٠٧

مستكشف الملفات

8 ملفات

SKILL.md

readonly

name	aws-accessanalyzer
description	IAM Access Analyzer via AWS CLI v2 (`aws accessanalyzer`). Analyzers, findings, archive rules, access previews, policy tools.

AWS CLI v2 — IAM Access Analyzer (accessanalyzer)

Overview

Complete reference for all aws accessanalyzer subcommands in AWS CLI v2. Covers analyzer management, findings lifecycle, archive rules, access previews, policy validation, policy generation, and custom policy checks. IAM Access Analyzer helps identify resources shared with external principals, detect unused access, and validate IAM policies against best practices. Supports account-level and organization-level analyzers for external access, unused access, and internal access analysis.

Quick Reference — Common Workflows

Create an account-level analyzer

aws accessanalyzer create-analyzer \
  --analyzer-name my-account-analyzer \
  --type ACCOUNT

Create an organization-level analyzer

aws accessanalyzer create-analyzer \
  --analyzer-name my-org-analyzer \
  --type ORGANIZATION

List all analyzers

aws accessanalyzer list-analyzers

List active findings for an analyzer

aws accessanalyzer list-findings \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --filter '{"status": {"eq": ["ACTIVE"]}}'

Get details of a specific finding

aws accessanalyzer get-finding \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --id 0910eedb-381e-4e95-adda-0d25c19e6e90

Archive findings

aws accessanalyzer update-findings \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --ids 0910eedb-381e-4e95-adda-0d25c19e6e90 \
  --status ARCHIVED

Create an archive rule

aws accessanalyzer create-archive-rule \
  --analyzer-name my-analyzer \
  --rule-name auto-archive-s3 \
  --filter '{"resourceType": {"eq": ["AWS::S3::Bucket"]}, "isPublic": {"eq": ["false"]}}'

Validate a policy document

aws accessanalyzer validate-policy \
  --policy-document file://policy.json \
  --policy-type IDENTITY_POLICY

Check that a policy does not grant specific access

aws accessanalyzer check-access-not-granted \
  --policy-document file://policy.json \
  --access actions=s3:DeleteBucket,s3:GetBucketLocation \
  --policy-type IDENTITY_POLICY

Generate a policy from CloudTrail activity

aws accessanalyzer start-policy-generation \
  --policy-generation-details '{"principalArn":"arn:aws:iam::123456789012:role/MyRole"}' \
  --cloud-trail-details file://trail-config.json
aws accessanalyzer get-generated-policy --job-id c557dc4a-0338-4489-95dd-739014860ff9

Create an access preview

aws accessanalyzer create-access-preview \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --configurations file://preview-config.json

Command Reference

See index.md for the quick reference table and global options.

Group	File	Commands
Analyzers	`analyzers.md`	create-analyzer, get-analyzer, list-analyzers, update-analyzer, delete-analyzer, get-analyzed-resource, list-analyzed-resources, start-resource-scan
Findings	`findings.md`	list-findings, get-finding, list-findings-v2, get-finding-v2, get-findings-statistics, update-findings, generate-finding-recommendation, get-finding-recommendation
Archive Rules	`archive-rules.md`	create-archive-rule, get-archive-rule, list-archive-rules, update-archive-rule, delete-archive-rule, apply-archive-rule
Access Previews	`access-previews.md`	create-access-preview, get-access-preview, list-access-previews, list-access-preview-findings
Policy Tools	`policy-tools.md`	validate-policy, check-access-not-granted, check-no-new-access, check-no-public-access, start-policy-generation, get-generated-policy, list-policy-generations, cancel-policy-generation
Tags	`tags.md`	tag-resource, untag-resource, list-tags-for-resource

المزيد من هذا المستودع

نفس المستودع

aws-acm-pca

chrishuffman5/awscliskills

Private CA via AWS CLI v2 (`aws acm-pca`). Certificate authorities, certificates, audit reports, permissions, policies.

2026-05-270

aws-acm

chrishuffman5/awscliskills

ACM via AWS CLI v2 (`aws acm`). Certificates, import/export, validation, tags, account configuration.

2026-05-270

aws-amp

chrishuffman5/awscliskills

Managed Prometheus via AWS CLI v2 (`aws amp`). Workspaces, alert manager, rule groups, scrapers, logging, resource policies.

2026-05-270

aws-amplify

chrishuffman5/awscliskills

Amplify via AWS CLI v2 (`aws amplify`). Apps, branches, domain associations, jobs, deployments, webhooks.

2026-05-270

aws-apigateway

chrishuffman5/awscliskills

API Gateway via AWS CLI v2 (`aws apigateway`). REST APIs, HTTP APIs, resources, methods, stages, authorizers, API keys, usage plans.

2026-05-270

aws-appconfig

chrishuffman5/awscliskills

AppConfig via AWS CLI v2 (`aws appconfig`). Feature flags, configuration profiles, deployment strategies, environments, extensions, runtime data retrieval.

2026-05-270

المصدر

chrishuffman5

chrishuffman5/awscliskills

فتح مستودع GitHub عرض مستودعات المنشئ

أمر التثبيت

تنزيل

تشغيل في Manus

مفيد لـSOC

مطوّرو البرمجياتمهن الحاسوب والرياضيات15-1252L4

name	aws-accessanalyzer
description	IAM Access Analyzer via AWS CLI v2 (`aws accessanalyzer`). Analyzers, findings, archive rules, access previews, policy tools.

AWS CLI v2 — IAM Access Analyzer (accessanalyzer)

Overview

Quick Reference — Common Workflows

Create an account-level analyzer

aws accessanalyzer create-analyzer \
  --analyzer-name my-account-analyzer \
  --type ACCOUNT

Create an organization-level analyzer

aws accessanalyzer create-analyzer \
  --analyzer-name my-org-analyzer \
  --type ORGANIZATION

List all analyzers

aws accessanalyzer list-analyzers

List active findings for an analyzer

aws accessanalyzer list-findings \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --filter '{"status": {"eq": ["ACTIVE"]}}'

Get details of a specific finding

aws accessanalyzer get-finding \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --id 0910eedb-381e-4e95-adda-0d25c19e6e90

Archive findings

aws accessanalyzer update-findings \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --ids 0910eedb-381e-4e95-adda-0d25c19e6e90 \
  --status ARCHIVED

Create an archive rule

aws accessanalyzer create-archive-rule \
  --analyzer-name my-analyzer \
  --rule-name auto-archive-s3 \
  --filter '{"resourceType": {"eq": ["AWS::S3::Bucket"]}, "isPublic": {"eq": ["false"]}}'

Validate a policy document

aws accessanalyzer validate-policy \
  --policy-document file://policy.json \
  --policy-type IDENTITY_POLICY

Check that a policy does not grant specific access

aws accessanalyzer check-access-not-granted \
  --policy-document file://policy.json \
  --access actions=s3:DeleteBucket,s3:GetBucketLocation \
  --policy-type IDENTITY_POLICY

Generate a policy from CloudTrail activity

aws accessanalyzer start-policy-generation \
  --policy-generation-details '{"principalArn":"arn:aws:iam::123456789012:role/MyRole"}' \
  --cloud-trail-details file://trail-config.json
aws accessanalyzer get-generated-policy --job-id c557dc4a-0338-4489-95dd-739014860ff9

Create an access preview

aws accessanalyzer create-access-preview \
  --analyzer-arn arn:aws:access-analyzer:us-east-1:123456789012:analyzer/my-analyzer \
  --configurations file://preview-config.json

Command Reference

See index.md for the quick reference table and global options.

Group	File	Commands
Analyzers	`analyzers.md`	create-analyzer, get-analyzer, list-analyzers, update-analyzer, delete-analyzer, get-analyzed-resource, list-analyzed-resources, start-resource-scan
Findings	`findings.md`	list-findings, get-finding, list-findings-v2, get-finding-v2, get-findings-statistics, update-findings, generate-finding-recommendation, get-finding-recommendation
Archive Rules	`archive-rules.md`	create-archive-rule, get-archive-rule, list-archive-rules, update-archive-rule, delete-archive-rule, apply-archive-rule
Access Previews	`access-previews.md`	create-access-preview, get-access-preview, list-access-previews, list-access-preview-findings
Policy Tools	`policy-tools.md`	validate-policy, check-access-not-granted, check-no-new-access, check-no-public-access, start-policy-generation, get-generated-policy, list-policy-generations, cancel-policy-generation
Tags	`tags.md`	tag-resource, untag-resource, list-tags-for-resource