standard
turbot/aws_compliance

Pipeline: Test detect and correct IAM roles attached with unrestricted CloudShell full access policy

Test detect and correct IAM roles attached with unrestricted CloudShell full access pipeline.

Run the pipeline

To run this pipeline from your terminal:

flowpipe pipeline run aws_compliance.pipeline.test_detect_and_correct_iam_roles_with_unrestricted_cloudshell_full_access_detach_role_cloudshell_full_access_policy

Use this pipeline

To call this pipeline from your pipeline, use a step:

step "pipeline" "step_name" {
pipeline = aws_compliance.pipeline.test_detect_and_correct_iam_roles_with_unrestricted_cloudshell_full_access_detach_role_cloudshell_full_access_policy
}

Params

NameTypeRequiredDescriptionDefault
conn
connection.aws
YesName of the AWS connection to be used for any authenticated actions.connection.aws.default
role_name
string
YesThe name of the role.flowpipe-role-562e4699-4532-57f9-6b1e-cf8ac7c1e7fd
assume_role_policy_document
string
YesThe assume role policy document.{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"cloudtrail.amazonaws.com"}}],"Version":"2012-10-17"}

Outputs

NameDescription
test_resultsTest results for each step.

Tags

folder = Tests