Creating an Analyzer

Function

This API is used to create an analyzer for your account or organization.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
AccessAnalyzer:analyzer:create	Write	analyzer *	-	-	iam:agencies:createServiceLinkedAgencyV5
AccessAnalyzer:analyzer:create	Write	-	g:RequestTag/<tag-key> g:TagKeys	-	iam:agencies:createServiceLinkedAgencyV5

URI

POST /v5/analyzers

Request Parameters

**Table 1** Request body parameters
Parameter	Mandatory	Type	Description
configuration	No	AnalyzerConfiguration object	Analyzer settings.
name	Yes	String	Name of an analyzer
tags	No	Array of Tag objects	List of custom tags. Array Length: 1 - 20
type	Yes	String	Type of an access analyzer. account: account-level external access analyzer organization: organization-level external access analyzer account_unused_access: account-level unused access analyzer organization_unused_access: organization-level unused access analyzer account_privilege_escalation: account-level privilege escalation access analyzer account_iam_best_practice: account-level IAM best practice analyzer

**Table 2** AnalyzerConfiguration
Parameter	Mandatory	Type	Description
unused_access	No	unused_access object	Settings of an unused access analyzer.

**Table 3** unused_access
Parameter	Mandatory	Type	Description
unused_access_age	No	Integer	Preset number of days for generating findings. Minimum: 1 Maximum: 180 Default: 90
unused_analysis_rule	No	UnusedAnalysisRule object	Unused analysis rule.

**Table 4** UnusedAnalysisRule
Parameter	Mandatory	Type	Description
exclusions	No	Array of UnusedAnalysisRuleCriteria objects	Exclusion rule.

**Table 5** UnusedAnalysisRuleCriteria
Parameter	Mandatory	Type	Description
account_ids	No	Array of strings	Account ID list. Minimum: 1 Maximum: 36 Array Length: 1 - 2000
resource_tags	No	Array of Tag objects	Resource tag list. Array Length: 1 - 20

**Table 6** Tag
Parameter	Mandatory	Type	Description
key	Yes	String	Tag key
value	Yes	String	String value associated with the tag key.

Response Parameters

Status code: 201

**Table 7** Response body parameters
Parameter	Type	Description
id	String	Unique identifier of an analyzer
urn	String	Unique resource identifier of an analyzer.

Example Requests

Creating an analyzer for your account or organization

POST https://{hostname}/v5/analyzers

{
  "name" : "my-analyzer",
  "tags" : [ {
    "key" : "key-1",
    "value" : "value-1"
  } ],
  "type" : "account"
}

Example Responses

Status code: 201

Created

{
  "id" : "{analyzer_id}",
  "urn" : "AccessAnalyzer:{region_id}:{domain_id}:analyzer:{analyzer_id}"
}

Status Codes

Status Code	Description
201	Created

Error Codes

See Error Codes.

Parent topic: Analyzers

Previous topic: Retrieving a List of Analyzers

Next topic: Listing the Specified Analyzer

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot