:doc:`AccessAnalyzer <../../accessanalyzer>` / Client / check_no_public_access

**********************
check_no_public_access
**********************



.. py:method:: AccessAnalyzer.Client.check_no_public_access(**kwargs)

  

  Checks whether a resource policy can grant public access to the specified resource type.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/accessanalyzer-2019-11-01/CheckNoPublicAccess>`_  


  **Request Syntax**
  ::

    response = client.check_no_public_access(
        policyDocument='string',
        resourceType='AWS::DynamoDB::Table'|'AWS::DynamoDB::Stream'|'AWS::EFS::FileSystem'|'AWS::OpenSearchService::Domain'|'AWS::Kinesis::Stream'|'AWS::Kinesis::StreamConsumer'|'AWS::KMS::Key'|'AWS::Lambda::Function'|'AWS::S3::Bucket'|'AWS::S3::AccessPoint'|'AWS::S3Express::DirectoryBucket'|'AWS::S3::Glacier'|'AWS::S3Outposts::Bucket'|'AWS::S3Outposts::AccessPoint'|'AWS::SecretsManager::Secret'|'AWS::SNS::Topic'|'AWS::SQS::Queue'|'AWS::IAM::AssumeRolePolicyDocument'|'AWS::S3Tables::TableBucket'|'AWS::ApiGateway::RestApi'|'AWS::CodeArtifact::Domain'|'AWS::Backup::BackupVault'|'AWS::CloudTrail::Dashboard'|'AWS::CloudTrail::EventDataStore'|'AWS::S3Tables::Table'|'AWS::S3Express::AccessPoint'
    )
    
  :type policyDocument: string
  :param policyDocument: **[REQUIRED]** 

    The JSON policy document to evaluate for public access.

    

  
  :type resourceType: string
  :param resourceType: **[REQUIRED]** 

    The type of resource to evaluate for public access. For example, to check for public access to Amazon S3 buckets, you can choose ``AWS::S3::Bucket`` for the resource type.

     

    For resource types not supported as valid values, IAM Access Analyzer will return an error.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'result': 'PASS'|'FAIL',
          'message': 'string',
          'reasons': [
              {
                  'description': 'string',
                  'statementIndex': 123,
                  'statementId': 'string'
              },
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **result** *(string) --* 

        The result of the check for public access to the specified resource type. If the result is ``PASS``, the policy doesn't allow public access to the specified resource type. If the result is ``FAIL``, the policy might allow public access to the specified resource type.

        
      

      - **message** *(string) --* 

        The message indicating whether the specified policy allows public access to resources.

        
      

      - **reasons** *(list) --* 

        A list of reasons why the specified resource policy grants public access for the resource type.

        
        

        - *(dict) --* 

          Contains information about the reasoning why a check for access passed or failed.

          
          

          - **description** *(string) --* 

            A description of the reasoning of a result of checking for access.

            
          

          - **statementIndex** *(integer) --* 

            The index number of the reason statement.

            
          

          - **statementId** *(string) --* 

            The identifier for the reason statement.

            
      
    
  
  **Exceptions**
  
  *   :py:class:`AccessAnalyzer.Client.exceptions.InternalServerException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.ValidationException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.InvalidParameterException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.UnprocessableEntityException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.ThrottlingException`

  
  *   :py:class:`AccessAnalyzer.Client.exceptions.AccessDeniedException`

  