Help Center/ Identity and Access Management_Identity and Access Management (New Edition)/ API Reference/ API/ Access Analyzer/ Archive Rules/ Creating an Archive Rule for the Specified Analyzer
Updated on 2025-11-06 GMT+08:00
View PDF
Share

Creating an Archive Rule for the Specified Analyzer

Function

This API is used to create an archive rule for the specified analyzer. The archive rule will automatically archive new findings that meet the criteria you define when you create the rule.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

Action

Access Level

Resource Type (*: required)

Condition Key

Alias

Dependencies

AccessAnalyzer:archiveRule:create

Write

archiveRule *

-

-

-

URI

POST /v5/analyzers/{analyzer_id}/archive-rules

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

analyzer_id

Yes

String

Unique identifier of an analyzer

Minimum: 1

Maximum: 36

Request Parameters

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

filters

Yes

Array of FindingFilter objects

A filter to match the returned findings.

Array Length: 1 - 10

name

Yes

String

Name of the archive rule.
Table 3 FindingFilter

Parameter

Mandatory

Type

Description

criterion

Yes

Criterion object

Criteria in the filter. Only one operator is allowed.

key

Yes

String

Filter key.

  • resource: resource URN

  • resource_type: resource type

  • resource_owner_account: resource owner account

  • is_public: public access permission

  • id: finding ID

  • status: finding type

  • principal_type

  • principal_identifier

  • change_type: finding status change

  • existing_finding_id: ID of an existing finding

  • existing_finding_status: status of an existing finding

  • condition.g:PrincipalUrn: principal URN

  • condition.g:PrincipalId: principal ID

  • condition.g:PrincipalAccount: principal account

  • condition.g:PrincipalOrgId: principal organization ID

  • condition.g:PrincipalOrgPath: principal organization path

  • condition.g:PrincipalOrgManagementAccountId: principal organization management account ID

  • condition.g:SourceIp: source IP address

  • condition.g:SourceVpc: source VPC

  • condition.g: SourceVpce: source VPC endpoint

  • finding_type: finding type
Table 4 Criterion

Parameter

Mandatory

Type

Description

contains

No

Array of strings

Matching the "contains" operator in the filter

Array Length: 1 - 20

eq

No

Array of strings

Matching the "eq" operator in the filter

Array Length: 1 - 20

exists

No

Boolean

Matching the "exists" operator in the filter

neq

No

Array of strings

Matching the "neq" operator in the filter

Array Length: 1 - 20

Response Parameters

Status code: 201

Table 5 Response body parameters

Parameter

Type

Description

id

String

Unique identifier of an archive rule

urn

String

Unique resource identifier of an archive rule.

Example Requests

Creating an archive rule for a specified analyzer. The archive rule automatically archives new findings that meet the criteria you define when you create the rule.

POST https://{hostname}/v5/analyzers/{analyzer_id}/archive-rules

{
  "filters" : [ {
    "criterion" : {
      "eq" : [ "iam:agency" ]
    },
    "key" : "resource_type"
  } ],
  "name" : "my-archive-rules"
}

Example Responses

Status code: 201

Created

{
  "id" : "{archive_rule_id}",
  "urn" : "AccessAnalyzer:{region_id}:{domain_id}:archiveRule:{analyzer_id}/{archive_rule_id}"
}

Status Codes

Status Code

Description

201

Created

Error Codes

See Error Codes.

Parent topic: Archive Rules