Skip to content

/AWS1/IF_AAN=>STARTPOLICYGENERATION()

About StartPolicyGeneration

Starts the policy generation request.

Method Signature

METHODS /AWS1/IF_AAN~STARTPOLICYGENERATION
  IMPORTING
    !IO_POLICYGENERATIONDETAILS TYPE REF TO /AWS1/CL_AANPLYGENERATIONDETS OPTIONAL
    !IO_CLOUDTRAILDETAILS TYPE REF TO /AWS1/CL_AANCLOUDTRAILDETAILS OPTIONAL
    !IV_CLIENTTOKEN TYPE /AWS1/AANSTRING OPTIONAL
  RETURNING
    VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_aanstrtplygeneratio01
  RAISING
    /AWS1/CX_AANACCESSDENIEDEX
    /AWS1/CX_AANCONFLICTEXCEPTION
    /AWS1/CX_AANINTERNALSERVEREX
    /AWS1/CX_AANSERVICEQUOTAEXCDEX
    /AWS1/CX_AANTHROTTLINGEX
    /AWS1/CX_AANVALIDATIONEX
    /AWS1/CX_AANCLIENTEXC
    /AWS1/CX_AANSERVEREXC
    /AWS1/CX_RT_TECHNICAL_GENERIC
    /AWS1/CX_RT_SERVICE_GENERIC.

IMPORTING

Required arguments:

io_policygenerationdetails TYPE REF TO /AWS1/CL_AANPLYGENERATIONDETS /AWS1/CL_AANPLYGENERATIONDETS

Contains the ARN of the IAM entity (user or role) for which you are generating a policy.

Optional arguments:

io_cloudtraildetails TYPE REF TO /AWS1/CL_AANCLOUDTRAILDETAILS /AWS1/CL_AANCLOUDTRAILDETAILS

A CloudTrailDetails object that contains details about a Trail that you want to analyze to generate policies.

iv_clienttoken TYPE /AWS1/AANSTRING /AWS1/AANSTRING

A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, the subsequent retries with the same client token return the result from the original successful request and they have no additional effect.

If you do not specify a client token, one is automatically generated by the Amazon Web Services SDK.

RETURNING

oo_output TYPE REF TO /aws1/cl_aanstrtplygeneratio01 /AWS1/CL_AANSTRTPLYGENERATIO01

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->startpolicygeneration(
  io_cloudtraildetails = new /aws1/cl_aancloudtraildetails(
    it_trails = VALUE /aws1/cl_aantrail=>tt_traillist(
      (
        new /aws1/cl_aantrail(
          it_regions = VALUE /aws1/cl_aanregionlist_w=>tt_regionlist(
            ( new /aws1/cl_aanregionlist_w( |string| ) )
          )
          iv_allregions = ABAP_TRUE
          iv_cloudtrailarn = |string|
        )
      )
    )
    iv_accessrole = |string|
    iv_endtime = '20150101000000.0000000'
    iv_starttime = '20150101000000.0000000'
  )
  io_policygenerationdetails = new /aws1/cl_aanplygenerationdets( |string| )
  iv_clienttoken = |string|
).

This is an example of reading all possible response values

lo_result = lo_result.
IF lo_result IS NOT INITIAL.
  lv_jobid = lo_result->get_jobid( ).
ENDIF.