standard
turbot/aws_compliance
Get Involved
Version
Pipeline: Correct IAM accounts without support role
Create a new support role for IAM accounts without support role
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run aws_compliance.pipeline.correct_iam_accounts_without_support_role \ --arg 'items=<list(object({ title = string account_id = string conn = string }))>' \ --arg 'user_arn=<string>'Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = aws_compliance.pipeline.correct_iam_accounts_without_support_role args = { items = <list(object({ title = string account_id = string conn = string }))> user_arn = <string> }}Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| items | list(object({
title = string
account_id = string
conn = string
})) | Yes | A collection of detected resources to run corrective actions against. | - |
| notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
| user_arn | string | Yes | Specifies the IAM user to be used for creating the support role. | - |
| support_role_name | string | Yes | Specifies the IAM support role that will be created. | flowpipe-aws-support-access |
| notification_level | string verbose, info, error | Yes | The verbosity level of notification messages to send. | info |
| approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
| default_action | string notify, skip, create_support_role | Yes | The default action to use when there are no approvers. | notify |
| enabled_actions | list(string) skip, create_support_role | Yes | The list of enabled actions approvers can select. | |
Outputs
This pipeline has no outputs.
Tags
category = Compliance
folder = Internal
mod = aws
service = AWS/IAM