standard
turbot/aws_compliance

Pipeline: Detect & correct IAM roles attached with *:* policy

Detects IAM roles attached with the *:* policy and then detaches the policy.

Run the pipeline

To run this pipeline from your terminal:

flowpipe pipeline run aws_compliance.pipeline.detect_and_correct_iam_roles_with_policy_star_star_attached

Use this pipeline

To call this pipeline from your pipeline, use a step:

step "pipeline" "step_name" {
pipeline = aws_compliance.pipeline.detect_and_correct_iam_roles_with_policy_star_star_attached
}

Params

NameTypeRequiredDescriptionDefault
database
connection.steampipe
YesDatabase connection string.connection.steampipe.default
notifier
notifier
YesThe name of the notifier to use for sending notification messages.notifier.default
notification_level
string
verbose, info, error
YesThe verbosity level of notification messages to send.info
approvers
list(notifier)
YesList of notifiers to be used for obtaining action/approval decisions.notifier.default
default_action
string
notify, skip, detach_role_star_star_policy
YesThe default action to use when there are no approvers.notify
enabled_actions
list(string)
skip, detach_role_star_star_policy
YesThe list of enabled actions approvers can select.
[
"skip",
"detach_role_star_star_policy"
]

Outputs

This pipeline has no outputs.

Tags

category = Compliance
mod = aws
recommended = true
service = AWS/IAM