standard
turbot/aws_compliance
Get Involved
Version
Pipeline: Correct one IAM user with more than one active key
Runs corrective action to deactivate one of the active key from two active keys for a IAM user.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run aws_compliance.pipeline.correct_one_iam_user_with_more_than_one_active_key \ --arg 'title=<string>' \ --arg 'user_name=<string>' \ --arg 'access_key_id_1=<string>' \ --arg 'access_key_1_last_used_date=<string>' \ --arg 'access_key_1_age=<string>' \ --arg 'access_key_1_last_used_in_days=<string>' \ --arg 'access_key_id_2=<string>' \ --arg 'access_key_2_last_used_date=<string>' \ --arg 'access_key_2_age=<string>' \ --arg 'access_key_2_last_used_in_days=<string>' \ --arg 'conn=<connection.aws>'Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = aws_compliance.pipeline.correct_one_iam_user_with_more_than_one_active_key args = { title = <string> user_name = <string> access_key_id_1 = <string> access_key_1_last_used_date = <string> access_key_1_age = <string> access_key_1_last_used_in_days = <string> access_key_id_2 = <string> access_key_2_last_used_date = <string> access_key_2_age = <string> access_key_2_last_used_in_days = <string> conn = <connection.aws> }}Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| title | string | Yes | Title of the resource, to be used as a display name. | - |
| user_name | string | Yes | The user name of the IAM user. | - |
| access_key_id_1 | string | Yes | The ID of the first access key for the IAM user. | - |
| access_key_1_last_used_date | string | Yes | The date the first access key was last used, or 'not_used' if it has not been used. | - |
| access_key_1_age | string | Yes | The age of the first access key in days since it was created. | - |
| access_key_1_last_used_in_days | string | Yes | The number of days since the first access key was last used, or 'not_used' if it has not been used. | - |
| access_key_id_2 | string | Yes | The ID of the second access key for the IAM user, if available. | - |
| access_key_2_last_used_date | string | Yes | The date the second access key was last used, or 'not_used' if it has not been used. | - |
| access_key_2_age | string | Yes | The age of the second access key in days since it was created. | - |
| access_key_2_last_used_in_days | string | Yes | The number of days since the second access key was last used, or 'not_used' if it has not been used. | - |
| conn | connection.aws | Yes | Name of the AWS connection to be used for any authenticated actions. | - |
| notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
| notification_level | string verbose, info, error | Yes | The verbosity level of notification messages to send. | info |
| approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
| default_action | string notify, skip, deactivate_access_key_1, deactivate_access_key_2 | Yes | The default action to use when there are no approvers. | notify |
| enabled_actions | list(string) skip, deactivate_access_key_1, deactivate_access_key_2 | Yes | The list of enabled actions approvers can select. | |
Outputs
This pipeline has no outputs.
Tags
category = Compliance
folder = Internal
mod = aws
service = AWS/IAM