standard
turbot/aws_compliance
Get Involved
Version
Pipeline: Detect & correct IAM accounts without support role
Detects IAM accounts without support role and then create a new support role.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run aws_compliance.pipeline.detect_and_correct_iam_accounts_without_support_role \ --arg 'user_arn=<string>'Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = aws_compliance.pipeline.detect_and_correct_iam_accounts_without_support_role args = { user_arn = <string> }}Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| database | connection.steampipe | Yes | Database connection string. | connection.steampipe.default |
| notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
| user_arn | string | Yes | Specifies the IAM user to be used for creating the support role. | - |
| support_role_name | string | Yes | Specifies the IAM support role that will be created. | flowpipe-aws-support-access |
| notification_level | string verbose, info, error | Yes | The verbosity level of notification messages to send. | info |
| approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
| default_action | string notify, skip, create_support_role | Yes | The default action to use when there are no approvers. | notify |
| enabled_actions | list(string) skip, create_support_role | Yes | The list of enabled actions approvers can select. | |
Outputs
This pipeline has no outputs.
Tags
category = Compliance
mod = aws
service = AWS/IAM