standard
turbot/aws_compliance
Get Involved
Version
Pipeline: Correct IAM users with more than one active key
Runs corrective action to delete extra IAM user active keys.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run aws_compliance.pipeline.correct_iam_users_with_more_than_one_active_key \ --arg 'items=<list(object({ title = string user_name = string access_key_id_1 = string access_key_1_last_used_date = string access_key_1_age = string access_key_1_last_used_in_days = string access_key_id_2 = string access_key_2_last_used_date = string access_key_2_age = string access_key_2_last_used_in_days = string conn = string }))>'
Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = aws_compliance.pipeline.correct_iam_users_with_more_than_one_active_key args = { items = <list(object({ title = string user_name = string access_key_id_1 = string access_key_1_last_used_date = string access_key_1_age = string access_key_1_last_used_in_days = string access_key_id_2 = string access_key_2_last_used_date = string access_key_2_age = string access_key_2_last_used_in_days = string conn = string }))> }}
Params
Name | Type | Required | Description | Default |
---|---|---|---|---|
items | list(object({ title = string user_name = string access_key_id_1 = string access_key_1_last_used_date = string access_key_1_age = string access_key_1_last_used_in_days = string access_key_id_2 = string access_key_2_last_used_date = string access_key_2_age = string access_key_2_last_used_in_days = string conn = string })) | Yes | A collection of detected resources to run corrective actions against. | - |
notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
notification_level | string verbose , info , error | Yes | The verbosity level of notification messages to send. | info |
approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
default_action | string notify , skip , deactivate_access_key_1 , deactivate_access_key_2 | Yes | The default action to use when there are no approvers. | notify |
enabled_actions | list(string) skip , deactivate_access_key_1 , deactivate_access_key_2 | Yes | The list of enabled actions approvers can select. |
|
Outputs
This pipeline has no outputs.
Tags
category = Compliance
folder = Internal
mod = aws
service = AWS/IAM