standard
turbot/aws_compliance
Variables
The AWS Compliance mod has 298 variables:
accounts_without_alternate_security_contact_default_action
Name | accounts_without_alternate_security_contact_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, add_alternate_security_contact |
Default | notify |
accounts_without_alternate_security_contact_email_address
Name | accounts_without_alternate_security_contact_email_address |
|---|---|
Description | The email address of the alternate contact. |
Type | string |
Default | - |
accounts_without_alternate_security_contact_enabled_actions
Name | accounts_without_alternate_security_contact_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) |
Default | |
accounts_without_alternate_security_contact_name
Name | accounts_without_alternate_security_contact_name |
|---|---|
Description | The name of the alternate contact. |
Type | string |
Default | - |
accounts_without_alternate_security_contact_phone_number
Name | accounts_without_alternate_security_contact_phone_number |
|---|---|
Description | The phone number of the alternate contact. |
Type | string |
Default | - |
accounts_without_alternate_security_contact_title
Name | accounts_without_alternate_security_contact_title |
|---|---|
Description | The title of the alternate contact. |
Type | string |
Default | - |
accounts_without_alternate_security_contact_trigger_enabled
Name | accounts_without_alternate_security_contact_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_alternate_security_contact_trigger_schedule
Name | accounts_without_alternate_security_contact_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_bucket_policy_changes_trigger_enabled
Name | accounts_without_metric_filter_for_bucket_policy_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_bucket_policy_changes_trigger_schedule
Name | accounts_without_metric_filter_for_bucket_policy_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_cloudtrail_configuration_trigger_enabled
Name | accounts_without_metric_filter_for_cloudtrail_configuration_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_cloudtrail_configuration_trigger_schedule
Name | accounts_without_metric_filter_for_cloudtrail_configuration_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_config_configuration_changes_trigger_enabled
Name | accounts_without_metric_filter_for_config_configuration_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_config_configuration_changes_trigger_schedule
Name | accounts_without_metric_filter_for_config_configuration_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_console_authentication_failure_trigger_enabled
Name | accounts_without_metric_filter_for_console_authentication_failure_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_console_authentication_failure_trigger_schedule
Name | accounts_without_metric_filter_for_console_authentication_failure_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_console_login_mfa_changes_trigger_enabled
Name | accounts_without_metric_filter_for_console_login_mfa_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_console_login_mfa_changes_trigger_schedule
Name | accounts_without_metric_filter_for_console_login_mfa_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_disable_or_delete_cmk_trigger_enabled
Name | accounts_without_metric_filter_for_disable_or_delete_cmk_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_disable_or_delete_cmk_trigger_schedule
Name | accounts_without_metric_filter_for_disable_or_delete_cmk_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_iam_policy_changes_trigger_enabled
Name | accounts_without_metric_filter_for_iam_policy_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_iam_policy_changes_trigger_schedule
Name | accounts_without_metric_filter_for_iam_policy_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_network_acl_changes_trigger_enabled
Name | accounts_without_metric_filter_for_network_acl_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_network_acl_changes_trigger_schedule
Name | accounts_without_metric_filter_for_network_acl_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_network_gateway_changes_trigger_enabled
Name | accounts_without_metric_filter_for_network_gateway_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_network_gateway_changes_trigger_schedule
Name | accounts_without_metric_filter_for_network_gateway_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_organization_changes_trigger_enabled
Name | accounts_without_metric_filter_for_organization_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_organization_changes_trigger_schedule
Name | accounts_without_metric_filter_for_organization_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_root_login_trigger_enabled
Name | accounts_without_metric_filter_for_root_login_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_root_login_trigger_schedule
Name | accounts_without_metric_filter_for_root_login_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_route_table_changes_trigger_enabled
Name | accounts_without_metric_filter_for_route_table_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_route_table_changes_trigger_schedule
Name | accounts_without_metric_filter_for_route_table_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_security_group_changes_trigger_enabled
Name | accounts_without_metric_filter_for_security_group_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_security_group_changes_trigger_schedule
Name | accounts_without_metric_filter_for_security_group_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_unauthorized_api_changes_trigger_enabled
Name | accounts_without_metric_filter_for_unauthorized_api_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_unauthorized_api_changes_trigger_schedule
Name | accounts_without_metric_filter_for_unauthorized_api_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
accounts_without_metric_filter_for_vpc_changes_trigger_enabled
Name | accounts_without_metric_filter_for_vpc_changes_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
accounts_without_metric_filter_for_vpc_changes_trigger_schedule
Name | accounts_without_metric_filter_for_vpc_changes_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
apigateway_rest_api_stages_with_xray_tracing_disabled_default_action
Name | apigateway_rest_api_stages_with_xray_tracing_disabled_default_action |
|---|---|
Description | The default action to use for detected items. |
Type | string notify, skip, enable_xray_tracing |
Default | notify |
apigateway_rest_api_stages_with_xray_tracing_disabled_enabled_actions
Name | apigateway_rest_api_stages_with_xray_tracing_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_xray_tracing |
Default | |
apigateway_rest_api_stages_with_xray_tracing_disabled_trigger_enabled
Name | apigateway_rest_api_stages_with_xray_tracing_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
apigateway_rest_api_stages_with_xray_tracing_disabled_trigger_schedule
Name | apigateway_rest_api_stages_with_xray_tracing_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
approvers
Name | approvers |
|---|---|
Description | List of notifiers to be used for obtaining action/approval decisions, when empty list will perform the default response associated with the detection. |
Type | list(notifier) |
Default | notifier.default |
cloudtrail_trail_logs_not_encrypted_with_kms_cmk_default_action
Name | cloudtrail_trail_logs_not_encrypted_with_kms_cmk_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, encrypt_cloud_trail_logs |
Default | notify |
cloudtrail_trail_logs_not_encrypted_with_kms_cmk_enabled_actions
Name | cloudtrail_trail_logs_not_encrypted_with_kms_cmk_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, encrypt_cloud_trail_logs |
Default | |
cloudtrail_trail_logs_not_encrypted_with_kms_cmk_kms_key_id
Name | cloudtrail_trail_logs_not_encrypted_with_kms_cmk_kms_key_id |
|---|---|
Description | Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. |
Type | string |
Default | - |
cloudtrail_trail_logs_not_encrypted_with_kms_cmk_trigger_enabled
Name | cloudtrail_trail_logs_not_encrypted_with_kms_cmk_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
cloudtrail_trail_logs_not_encrypted_with_kms_cmk_trigger_schedule
Name | cloudtrail_trail_logs_not_encrypted_with_kms_cmk_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
cloudtrail_trail_multi_region_read_write_disabled_default_bucket_name
Name | cloudtrail_trail_multi_region_read_write_disabled_default_bucket_name |
|---|---|
Description | The name of the bucket. |
Type | string |
Default | test-fp-multi-region-trail-bucket |
cloudtrail_trail_multi_region_read_write_disabled_default_enabled_region
Name | cloudtrail_trail_multi_region_read_write_disabled_default_enabled_region |
|---|---|
Description | The AWS region where the trail and bucket will be created. |
Type | string |
Default | us-east-1 |
cloudtrail_trail_multi_region_read_write_disabled_default_trail_name
Name | cloudtrail_trail_multi_region_read_write_disabled_default_trail_name |
|---|---|
Description | The name of the trail. |
Type | string |
Default | test-fp-multi-region-trail |
cloudtrail_trail_multi_region_read_write_disabled_trigger_enabled
Name | cloudtrail_trail_multi_region_read_write_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
cloudtrail_trail_multi_region_read_write_disabled_trigger_schedule
Name | cloudtrail_trail_multi_region_read_write_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
cloudtrail_trails_with_log_file_validation_disabled_default_action
Name | cloudtrail_trails_with_log_file_validation_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_log_file_validation |
Default | notify |
cloudtrail_trails_with_log_file_validation_disabled_enabled_actions
Name | cloudtrail_trails_with_log_file_validation_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_log_file_validation |
Default | |
cloudtrail_trails_with_log_file_validation_disabled_trigger_enabled
Name | cloudtrail_trails_with_log_file_validation_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
cloudtrail_trails_with_log_file_validation_disabled_trigger_schedule
Name | cloudtrail_trails_with_log_file_validation_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
cloudtrail_trails_with_public_s3_bucket_trigger_enabled
Name | cloudtrail_trails_with_public_s3_bucket_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
cloudtrail_trails_with_public_s3_bucket_trigger_schedule
Name | cloudtrail_trails_with_public_s3_bucket_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
cloudtrail_trails_with_s3_logging_disabled_default_action
Name | cloudtrail_trails_with_s3_logging_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_s3_logging |
Default | notify |
cloudtrail_trails_with_s3_logging_disabled_default_bucket_name
Name | cloudtrail_trails_with_s3_logging_disabled_default_bucket_name |
|---|---|
Description | The name of the bucket. |
Type | string |
Default | test-fp-bucket-trail-logging |
cloudtrail_trails_with_s3_logging_disabled_enabled_actions
Name | cloudtrail_trails_with_s3_logging_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_s3_logging |
Default | |
cloudtrail_trails_with_s3_logging_disabled_trigger_enabled
Name | cloudtrail_trails_with_s3_logging_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
cloudtrail_trails_with_s3_logging_disabled_trigger_schedule
Name | cloudtrail_trails_with_s3_logging_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
cloudtrail_trails_with_s3_object_level_logging_for_read_events_disabled_trigger_enabled
Name | cloudtrail_trails_with_s3_object_level_logging_for_read_events_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
cloudtrail_trails_with_s3_object_level_logging_for_read_events_disabled_trigger_schedule
Name | cloudtrail_trails_with_s3_object_level_logging_for_read_events_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
cloudtrail_trails_with_s3_object_level_logging_for_write_events_disabled_trigger_enabled
Name | cloudtrail_trails_with_s3_object_level_logging_for_write_events_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
cloudtrail_trails_with_s3_object_level_logging_for_write_events_disabled_trigger_schedule
Name | cloudtrail_trails_with_s3_object_level_logging_for_write_events_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
config_disabled_in_regions_trigger_enabled
Name | config_disabled_in_regions_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
config_disabled_in_regions_trigger_schedule
Name | config_disabled_in_regions_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
database
Name | database |
|---|---|
Description | Steampipe database connection string. |
Type | connection.steampipe |
Default | connection.steampipe.default |
dynamodb_tables_with_deletion_protection_disabled_default_action
Name | dynamodb_tables_with_deletion_protection_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_deletion_protection |
Default | notify |
dynamodb_tables_with_deletion_protection_disabled_enabled_actions
Name | dynamodb_tables_with_deletion_protection_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_deletion_protection |
Default | |
dynamodb_tables_with_deletion_protection_disabled_trigger_enabled
Name | dynamodb_tables_with_deletion_protection_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
dynamodb_tables_with_deletion_protection_disabled_trigger_schedule
Name | dynamodb_tables_with_deletion_protection_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
dynamodb_tables_with_point_in_time_recovery_disabled_default_action
Name | dynamodb_tables_with_point_in_time_recovery_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_point_in_time_recovery |
Default | notify |
dynamodb_tables_with_point_in_time_recovery_disabled_enabled_actions
Name | dynamodb_tables_with_point_in_time_recovery_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_point_in_time_recovery |
Default | |
dynamodb_tables_with_point_in_time_recovery_disabled_trigger_enabled
Name | dynamodb_tables_with_point_in_time_recovery_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
dynamodb_tables_with_point_in_time_recovery_disabled_trigger_schedule
Name | dynamodb_tables_with_point_in_time_recovery_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
ebs_encryption_by_default_disabled_in_regions_default_action
Name | ebs_encryption_by_default_disabled_in_regions_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_encryption_by_default |
Default | notify |
ebs_encryption_by_default_disabled_in_regions_enabled_actions
Name | ebs_encryption_by_default_disabled_in_regions_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_encryption_by_default |
Default | |
ebs_encryption_by_default_disabled_in_regions_trigger_enabled
Name | ebs_encryption_by_default_disabled_in_regions_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
ebs_encryption_by_default_disabled_in_regions_trigger_schedule
Name | ebs_encryption_by_default_disabled_in_regions_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
ebs_snapshots_when_publicly_restorable_default_action
Name | ebs_snapshots_when_publicly_restorable_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_snapshot_permision_to_private, delete_snapshot |
Default | notify |
ebs_snapshots_when_publicly_restorable_enabled_actions
Name | ebs_snapshots_when_publicly_restorable_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_snapshot_permision_to_private, delete_snapshot |
Default | |
ebs_snapshots_when_publicly_restorable_trigger_enabled
Name | ebs_snapshots_when_publicly_restorable_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
ebs_snapshots_when_publicly_restorable_trigger_schedule
Name | ebs_snapshots_when_publicly_restorable_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
ec2_classic_load_balancers_with_connection_draining_disabled_default_action
Name | ec2_classic_load_balancers_with_connection_draining_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_connection_draining |
Default | notify |
ec2_classic_load_balancers_with_connection_draining_disabled_enabled_actions
Name | ec2_classic_load_balancers_with_connection_draining_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_connection_draining |
Default | |
ec2_classic_load_balancers_with_connection_draining_disabled_trigger_enabled
Name | ec2_classic_load_balancers_with_connection_draining_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
ec2_classic_load_balancers_with_connection_draining_disabled_trigger_schedule
Name | ec2_classic_load_balancers_with_connection_draining_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
ec2_instances_with_imdsv1_enabled_default_action
Name | ec2_instances_with_imdsv1_enabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, disable_imdsv1 |
Default | notify |
ec2_instances_with_imdsv1_enabled_enabled_actions
Name | ec2_instances_with_imdsv1_enabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, disable_imdsv1 |
Default | |
ec2_instances_with_imdsv1_enabled_trigger_enabled
Name | ec2_instances_with_imdsv1_enabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
ec2_instances_with_imdsv1_enabled_trigger_schedule
Name | ec2_instances_with_imdsv1_enabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
ec2_instances_with_multiple_enis_default_action
Name | ec2_instances_with_multiple_enis_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_network_interface |
Default | notify |
ec2_instances_with_multiple_enis_enabled_actions
Name | ec2_instances_with_multiple_enis_enabled_actions |
|---|---|
Description | The list of enabled actions to provide for selection. |
Type | list(string) skip, detach_network_interface |
Default | |
ec2_instances_with_multiple_enis_trigger_enabled
Name | ec2_instances_with_multiple_enis_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
ec2_instances_with_multiple_enis_trigger_schedule
Name | ec2_instances_with_multiple_enis_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
ec2_instances_with_public_access_enabled_default_action
Name | ec2_instances_with_public_access_enabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, stop_instance, terminate_instance |
Default | notify |
ec2_instances_with_public_access_enabled_enabled_actions
Name | ec2_instances_with_public_access_enabled_enabled_actions |
|---|---|
Description | The list of enabled actions to provide for selection. |
Type | list(string) skip, stop_instance, terminate_instance |
Default | |
ec2_instances_with_public_access_enabled_trigger_enabled
Name | ec2_instances_with_public_access_enabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
ec2_instances_with_public_access_enabled_trigger_schedule
Name | ec2_instances_with_public_access_enabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
efs_file_systems_with_encryption_at_rest_disabled_trigger_enabled
Name | efs_file_systems_with_encryption_at_rest_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
efs_file_systems_with_encryption_at_rest_disabled_trigger_schedule
Name | efs_file_systems_with_encryption_at_rest_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_access_analyzer_disabled_in_regions_analyzer_name
Name | iam_access_analyzer_disabled_in_regions_analyzer_name |
|---|---|
Description | The name of the IAM Access Analyzer. |
Type | string |
Default | accessanalyzer |
iam_access_analyzer_disabled_in_regions_default_action
Name | iam_access_analyzer_disabled_in_regions_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_access_analyzer |
Default | notify |
iam_access_analyzer_disabled_in_regions_enabled_actions
Name | iam_access_analyzer_disabled_in_regions_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_access_analyzer |
Default | |
iam_access_analyzer_disabled_in_regions_trigger_enabled
Name | iam_access_analyzer_disabled_in_regions_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_access_analyzer_disabled_in_regions_trigger_schedule
Name | iam_access_analyzer_disabled_in_regions_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_account_password_policies_without_max_password_age_90_days_default_action
Name | iam_account_password_policies_without_max_password_age_90_days_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_password_policy_max_age |
Default | notify |
iam_account_password_policies_without_max_password_age_90_days_enabled_actions
Name | iam_account_password_policies_without_max_password_age_90_days_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_password_policy_max_age |
Default | |
iam_account_password_policies_without_max_password_age_90_days_trigger_enabled
Name | iam_account_password_policies_without_max_password_age_90_days_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_account_password_policies_without_max_password_age_90_days_trigger_schedule
Name | iam_account_password_policies_without_max_password_age_90_days_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_account_password_policies_without_min_length_14_default_action
Name | iam_account_password_policies_without_min_length_14_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_password_policy_min_length |
Default | notify |
iam_account_password_policies_without_min_length_14_enabled_actions
Name | iam_account_password_policies_without_min_length_14_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_password_policy_min_length |
Default | |
iam_account_password_policies_without_min_length_14_trigger_enabled
Name | iam_account_password_policies_without_min_length_14_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_account_password_policies_without_min_length_14_trigger_schedule
Name | iam_account_password_policies_without_min_length_14_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_account_password_policies_without_one_lowercase_letter_default_action
Name | iam_account_password_policies_without_one_lowercase_letter_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_password_policy_require_lowercase |
Default | notify |
iam_account_password_policies_without_one_lowercase_letter_enabled_actions
Name | iam_account_password_policies_without_one_lowercase_letter_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_password_policy_require_lowercase |
Default | |
iam_account_password_policies_without_one_lowercase_letter_trigger_enabled
Name | iam_account_password_policies_without_one_lowercase_letter_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_account_password_policies_without_one_lowercase_letter_trigger_schedule
Name | iam_account_password_policies_without_one_lowercase_letter_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_account_password_policies_without_one_number_default_action
Name | iam_account_password_policies_without_one_number_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_password_policy_require_numbers |
Default | notify |
iam_account_password_policies_without_one_number_enabled_actions
Name | iam_account_password_policies_without_one_number_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_password_policy_require_numbers |
Default | |
iam_account_password_policies_without_one_number_trigger_enabled
Name | iam_account_password_policies_without_one_number_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_account_password_policies_without_one_number_trigger_schedule
Name | iam_account_password_policies_without_one_number_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_account_password_policies_without_one_symbol_default_action
Name | iam_account_password_policies_without_one_symbol_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_password_policy_require_symbols |
Default | notify |
iam_account_password_policies_without_one_symbol_enabled_actions
Name | iam_account_password_policies_without_one_symbol_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_password_policy_require_symbols |
Default | |
iam_account_password_policies_without_one_symbol_trigger_enabled
Name | iam_account_password_policies_without_one_symbol_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_account_password_policies_without_one_symbol_trigger_schedule
Name | iam_account_password_policies_without_one_symbol_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_account_password_policies_without_one_uppercase_letter_default_action
Name | iam_account_password_policies_without_one_uppercase_letter_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_password_policy_require_uppercase |
Default | notify |
iam_account_password_policies_without_one_uppercase_letter_enabled_actions
Name | iam_account_password_policies_without_one_uppercase_letter_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_password_policy_require_uppercase |
Default | |
iam_account_password_policies_without_one_uppercase_letter_trigger_enabled
Name | iam_account_password_policies_without_one_uppercase_letter_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_account_password_policies_without_one_uppercase_letter_trigger_schedule
Name | iam_account_password_policies_without_one_uppercase_letter_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_account_password_policies_without_password_reuse_24_default_action
Name | iam_account_password_policies_without_password_reuse_24_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, update_password_policy_reuse_prevention |
Default | notify |
iam_account_password_policies_without_password_reuse_24_enabled_actions
Name | iam_account_password_policies_without_password_reuse_24_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, update_password_policy_reuse_prevention |
Default | |
iam_account_password_policies_without_password_reuse_24_trigger_enabled
Name | iam_account_password_policies_without_password_reuse_24_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_account_password_policies_without_password_reuse_24_trigger_schedule
Name | iam_account_password_policies_without_password_reuse_24_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_accounts_without_support_role_default_action
Name | iam_accounts_without_support_role_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, create_support_role |
Default | notify |
iam_accounts_without_support_role_enabled_actions
Name | iam_accounts_without_support_role_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, create_support_role |
Default | |
iam_accounts_without_support_role_support_role_name
Name | iam_accounts_without_support_role_support_role_name |
|---|---|
Description | Specifies the IAM support role that will be created. |
Type | string |
Default | flowpipe-aws-support-access |
iam_accounts_without_support_role_trigger_enabled
Name | iam_accounts_without_support_role_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_accounts_without_support_role_trigger_schedule
Name | iam_accounts_without_support_role_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_accounts_without_support_role_user_arn
Name | iam_accounts_without_support_role_user_arn |
|---|---|
Description | Specifies the IAM user arn to be used for creating the support role. |
Type | string |
Default | - |
iam_groups_with_policy_star_star_attached_default_action
Name | iam_groups_with_policy_star_star_attached_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_group_star_star_policy |
Default | notify |
iam_groups_with_policy_star_star_attached_enabled_actions
Name | iam_groups_with_policy_star_star_attached_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, detach_group_star_star_policy |
Default | |
iam_groups_with_policy_star_star_attached_trigger_enabled
Name | iam_groups_with_policy_star_star_attached_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_groups_with_policy_star_star_attached_trigger_schedule
Name | iam_groups_with_policy_star_star_attached_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_groups_with_unrestricted_cloudshell_full_access_default_action
Name | iam_groups_with_unrestricted_cloudshell_full_access_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_group_cloudshell_full_access_policy |
Default | notify |
iam_groups_with_unrestricted_cloudshell_full_access_enabled_actions
Name | iam_groups_with_unrestricted_cloudshell_full_access_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, detach_group_cloudshell_full_access_policy |
Default | |
iam_groups_with_unrestricted_cloudshell_full_access_trigger_enabled
Name | iam_groups_with_unrestricted_cloudshell_full_access_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_groups_with_unrestricted_cloudshell_full_access_trigger_schedule
Name | iam_groups_with_unrestricted_cloudshell_full_access_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_roles_with_policy_star_star_attached_default_action
Name | iam_roles_with_policy_star_star_attached_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_role_star_star_policy |
Default | notify |
iam_roles_with_policy_star_star_attached_enabled_actions
Name | iam_roles_with_policy_star_star_attached_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, detach_role_star_star_policy |
Default | |
iam_roles_with_policy_star_star_attached_trigger_enabled
Name | iam_roles_with_policy_star_star_attached_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_roles_with_policy_star_star_attached_trigger_schedule
Name | iam_roles_with_policy_star_star_attached_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_roles_with_unrestricted_cloudshell_full_access_default_action
Name | iam_roles_with_unrestricted_cloudshell_full_access_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_role_cloudshell_full_access_policy |
Default | notify |
iam_roles_with_unrestricted_cloudshell_full_access_enabled_actions
Name | iam_roles_with_unrestricted_cloudshell_full_access_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, detach_role_cloudshell_full_access_policy |
Default | |
iam_roles_with_unrestricted_cloudshell_full_access_trigger_enabled
Name | iam_roles_with_unrestricted_cloudshell_full_access_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_roles_with_unrestricted_cloudshell_full_access_trigger_schedule
Name | iam_roles_with_unrestricted_cloudshell_full_access_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_root_users_last_used_90_days_trigger_enabled
Name | iam_root_users_last_used_90_days_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_root_users_last_used_90_days_trigger_schedule
Name | iam_root_users_last_used_90_days_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_root_users_with_access_keys_trigger_enabled
Name | iam_root_users_with_access_keys_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_root_users_with_access_keys_trigger_schedule
Name | iam_root_users_with_access_keys_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_root_users_with_hardware_mfa_disabled_trigger_enabled
Name | iam_root_users_with_hardware_mfa_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_root_users_with_hardware_mfa_disabled_trigger_schedule
Name | iam_root_users_with_hardware_mfa_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_root_users_with_mfa_disabled_trigger_enabled
Name | iam_root_users_with_mfa_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_root_users_with_mfa_disabled_trigger_schedule
Name | iam_root_users_with_mfa_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_server_certificates_expired_default_action
Name | iam_server_certificates_expired_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, delete_expired_server_certificate |
Default | notify |
iam_server_certificates_expired_enabled_actions
Name | iam_server_certificates_expired_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, delete_expired_server_certificate |
Default | |
iam_server_certificates_expired_trigger_enabled
Name | iam_server_certificates_expired_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_server_certificates_expired_trigger_schedule
Name | iam_server_certificates_expired_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_access_key_age_90_days_default_action
Name | iam_users_with_access_key_age_90_days_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, deactivate_access_key |
Default | notify |
iam_users_with_access_key_age_90_days_enabled_actions
Name | iam_users_with_access_key_age_90_days_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, deactivate_access_key |
Default | |
iam_users_with_access_key_age_90_days_trigger_enabled
Name | iam_users_with_access_key_age_90_days_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_access_key_age_90_days_trigger_schedule
Name | iam_users_with_access_key_age_90_days_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_access_key_during_initial_user_setup_default_action
Name | iam_users_with_access_key_during_initial_user_setup_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, delete_access_key |
Default | notify |
iam_users_with_access_key_during_initial_user_setup_enabled_actions
Name | iam_users_with_access_key_during_initial_user_setup_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, delete_access_key |
Default | |
iam_users_with_access_key_during_initial_user_setup_trigger_enabled
Name | iam_users_with_access_key_during_initial_user_setup_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_access_key_during_initial_user_setup_trigger_schedule
Name | iam_users_with_access_key_during_initial_user_setup_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_console_access_mfa_disabled_trigger_enabled
Name | iam_users_with_console_access_mfa_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_console_access_mfa_disabled_trigger_schedule
Name | iam_users_with_console_access_mfa_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_iam_policy_attached_default_action
Name | iam_users_with_iam_policy_attached_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_iam_policy |
Default | notify |
iam_users_with_iam_policy_attached_enabled_actions
Name | iam_users_with_iam_policy_attached_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, detach_iam_policy |
Default | |
iam_users_with_iam_policy_attached_trigger_enabled
Name | iam_users_with_iam_policy_attached_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_iam_policy_attached_trigger_schedule
Name | iam_users_with_iam_policy_attached_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_inline_policy_attached_default_action
Name | iam_users_with_inline_policy_attached_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, delete_inline_policy |
Default | notify |
iam_users_with_inline_policy_attached_enabled_actions
Name | iam_users_with_inline_policy_attached_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, delete_inline_policy |
Default | |
iam_users_with_inline_policy_attached_trigger_enabled
Name | iam_users_with_inline_policy_attached_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_inline_policy_attached_trigger_schedule
Name | iam_users_with_inline_policy_attached_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_more_than_one_active_key_default_action
Name | iam_users_with_more_than_one_active_key_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, deactivate_access_key_1, deactivate_access_key_2 |
Default | notify |
iam_users_with_more_than_one_active_key_enabled_actions
Name | iam_users_with_more_than_one_active_key_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, deactivate_access_key_1, deactivate_access_key_2 |
Default | |
iam_users_with_more_than_one_active_key_trigger_enabled
Name | iam_users_with_more_than_one_active_key_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_more_than_one_active_key_trigger_schedule
Name | iam_users_with_more_than_one_active_key_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_policy_star_star_attached_default_action
Name | iam_users_with_policy_star_star_attached_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_user_star_star_policy |
Default | notify |
iam_users_with_policy_star_star_attached_enabled_actions
Name | iam_users_with_policy_star_star_attached_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, detach_user_star_star_policy |
Default | |
iam_users_with_policy_star_star_attached_trigger_enabled
Name | iam_users_with_policy_star_star_attached_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_policy_star_star_attached_trigger_schedule
Name | iam_users_with_policy_star_star_attached_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_unrestricted_cloudshell_full_access_default_action
Name | iam_users_with_unrestricted_cloudshell_full_access_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, detach_policy |
Default | notify |
iam_users_with_unrestricted_cloudshell_full_access_enabled_actions
Name | iam_users_with_unrestricted_cloudshell_full_access_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, detach_policy |
Default | |
iam_users_with_unrestricted_cloudshell_full_access_trigger_enabled
Name | iam_users_with_unrestricted_cloudshell_full_access_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_unrestricted_cloudshell_full_access_trigger_schedule
Name | iam_users_with_unrestricted_cloudshell_full_access_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_unused_access_key_45_days_default_action
Name | iam_users_with_unused_access_key_45_days_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, deactivate_access_key |
Default | notify |
iam_users_with_unused_access_key_45_days_enabled_actions
Name | iam_users_with_unused_access_key_45_days_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, deactivate_access_key |
Default | |
iam_users_with_unused_access_key_45_days_trigger_enabled
Name | iam_users_with_unused_access_key_45_days_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_unused_access_key_45_days_trigger_schedule
Name | iam_users_with_unused_access_key_45_days_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_unused_access_key_90_days_default_action
Name | iam_users_with_unused_access_key_90_days_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, deactivate_access_key |
Default | notify |
iam_users_with_unused_access_key_90_days_enabled_actions
Name | iam_users_with_unused_access_key_90_days_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, deactivate_access_key |
Default | |
iam_users_with_unused_access_key_90_days_trigger_enabled
Name | iam_users_with_unused_access_key_90_days_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_unused_access_key_90_days_trigger_schedule
Name | iam_users_with_unused_access_key_90_days_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_unused_login_profile_45_days_default_action
Name | iam_users_with_unused_login_profile_45_days_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, delete_user_login_profile_unused_45_days |
Default | notify |
iam_users_with_unused_login_profile_45_days_enabled_actions
Name | iam_users_with_unused_login_profile_45_days_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, delete_user_login_profile_unused_45_days |
Default | |
iam_users_with_unused_login_profile_45_days_trigger_enabled
Name | iam_users_with_unused_login_profile_45_days_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_unused_login_profile_45_days_trigger_schedule
Name | iam_users_with_unused_login_profile_45_days_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
iam_users_with_unused_login_profile_90_days_default_action
Name | iam_users_with_unused_login_profile_90_days_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, delete_user_login_profile_unused_90_days |
Default | notify |
iam_users_with_unused_login_profile_90_days_enabled_actions
Name | iam_users_with_unused_login_profile_90_days_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, delete_user_login_profile_unused_90_days |
Default | |
iam_users_with_unused_login_profile_90_days_trigger_enabled
Name | iam_users_with_unused_login_profile_90_days_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
iam_users_with_unused_login_profile_90_days_trigger_schedule
Name | iam_users_with_unused_login_profile_90_days_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
kms_keys_with_rotation_disabled_default_action
Name | kms_keys_with_rotation_disabled_default_action |
|---|---|
Description | The default action to use for detected items. |
Type | string notify, skip, enable_key_rotation |
Default | notify |
kms_keys_with_rotation_disabled_enabled_actions
Name | kms_keys_with_rotation_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_key_rotation |
Default | |
kms_keys_with_rotation_disabled_trigger_enabled
Name | kms_keys_with_rotation_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
kms_keys_with_rotation_disabled_trigger_schedule
Name | kms_keys_with_rotation_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
max_concurrency
Name | max_concurrency |
|---|---|
Description | The maximum concurrency to use for responding to detection items. |
Type | number |
Default | 1 |
notification_level
Name | notification_level |
|---|---|
Description | The verbosity level of notification messages to send. |
Type | string |
Default | info |
notifier
Name | notifier |
|---|---|
Description | The notifier to use for sending notification messages. |
Type | notifier |
Default | notifier.default |
rds_db_instances_with_auto_minor_version_upgrade_disabled_default_action
Name | rds_db_instances_with_auto_minor_version_upgrade_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_auto_minor_version_upgrade |
Default | notify |
rds_db_instances_with_auto_minor_version_upgrade_disabled_enabled_actions
Name | rds_db_instances_with_auto_minor_version_upgrade_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_auto_minor_version_upgrade |
Default | |
rds_db_instances_with_auto_minor_version_upgrade_disabled_trigger_enabled
Name | rds_db_instances_with_auto_minor_version_upgrade_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
rds_db_instances_with_auto_minor_version_upgrade_disabled_trigger_schedule
Name | rds_db_instances_with_auto_minor_version_upgrade_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
rds_db_instances_with_encryption_at_rest_disabled_trigger_enabled
Name | rds_db_instances_with_encryption_at_rest_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
rds_db_instances_with_encryption_at_rest_disabled_trigger_schedule
Name | rds_db_instances_with_encryption_at_rest_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
rds_db_instances_with_multi_az_disabled_default_action
Name | rds_db_instances_with_multi_az_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_multi_az |
Default | notify |
rds_db_instances_with_multi_az_disabled_enabled_actions
Name | rds_db_instances_with_multi_az_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_multi_az |
Default | |
rds_db_instances_with_multi_az_disabled_trigger_enabled
Name | rds_db_instances_with_multi_az_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
rds_db_instances_with_multi_az_disabled_trigger_schedule
Name | rds_db_instances_with_multi_az_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
rds_db_instances_with_public_access_enabled_default_action
Name | rds_db_instances_with_public_access_enabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, disable_public_access |
Default | notify |
rds_db_instances_with_public_access_enabled_enabled_actions
Name | rds_db_instances_with_public_access_enabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, disable_public_access |
Default | |
rds_db_instances_with_public_access_enabled_trigger_enabled
Name | rds_db_instances_with_public_access_enabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
rds_db_instances_with_public_access_enabled_trigger_schedule
Name | rds_db_instances_with_public_access_enabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
s3_buckets_with_block_public_access_disabled_default_action
Name | s3_buckets_with_block_public_access_disabled_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, block_public_access |
Default | notify |
s3_buckets_with_block_public_access_disabled_enabled_actions
Name | s3_buckets_with_block_public_access_disabled_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, block_public_access |
Default | |
s3_buckets_with_block_public_access_disabled_trigger_enabled
Name | s3_buckets_with_block_public_access_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
s3_buckets_with_block_public_access_disabled_trigger_schedule
Name | s3_buckets_with_block_public_access_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
s3_buckets_with_default_encryption_disabled_trigger_enabled
Name | s3_buckets_with_default_encryption_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
s3_buckets_with_default_encryption_disabled_trigger_schedule
Name | s3_buckets_with_default_encryption_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
s3_buckets_with_macie_disabled_trigger_enabled
Name | s3_buckets_with_macie_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
s3_buckets_with_macie_disabled_trigger_schedule
Name | s3_buckets_with_macie_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
s3_buckets_with_mfa_delete_disabled_trigger_enabled
Name | s3_buckets_with_mfa_delete_disabled_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
s3_buckets_with_mfa_delete_disabled_trigger_schedule
Name | s3_buckets_with_mfa_delete_disabled_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
s3_buckets_without_ssl_enforcement_default_action
Name | s3_buckets_without_ssl_enforcement_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enforce_ssl |
Default | notify |
s3_buckets_without_ssl_enforcement_enabled_actions
Name | s3_buckets_without_ssl_enforcement_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enforce_ssl |
Default | |
s3_buckets_without_ssl_enforcement_trigger_enabled
Name | s3_buckets_without_ssl_enforcement_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
s3_buckets_without_ssl_enforcement_trigger_schedule
Name | s3_buckets_without_ssl_enforcement_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
security_hub_disabled_in_regions_default_action
Name | security_hub_disabled_in_regions_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, enable_with_default_standards, enable_without_default_standards |
Default | notify |
security_hub_disabled_in_regions_enabled_actions
Name | security_hub_disabled_in_regions_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, enable_with_default_standards, enable_without_default_standards |
Default | |
security_hub_disabled_in_regions_trigger_enabled
Name | security_hub_disabled_in_regions_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
security_hub_disabled_in_regions_trigger_schedule
Name | security_hub_disabled_in_regions_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_default_security_groups_allowing_ingress_egress_default_action
Name | vpc_default_security_groups_allowing_ingress_egress_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, revoke_security_group_rule |
Default | notify |
vpc_default_security_groups_allowing_ingress_egress_enabled_actions
Name | vpc_default_security_groups_allowing_ingress_egress_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, revoke_security_group_rule |
Default | |
vpc_default_security_groups_allowing_ingress_egress_trigger_enabled
Name | vpc_default_security_groups_allowing_ingress_egress_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_default_security_groups_allowing_ingress_egress_trigger_schedule
Name | vpc_default_security_groups_allowing_ingress_egress_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_default_action
Name | vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, delete_network_acl_entry |
Default | notify |
vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_enabled_actions
Name | vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, delete_network_acl_entry |
Default | |
vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_trigger_enabled
Name | vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_trigger_schedule
Name | vpc_network_acls_allowing_ingress_to_remote_server_administration_ports_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_security_groups_allowing_ingress_to_port_22_default_action
Name | vpc_security_groups_allowing_ingress_to_port_22_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, revoke_security_group_rule |
Default | notify |
vpc_security_groups_allowing_ingress_to_port_22_enabled_actions
Name | vpc_security_groups_allowing_ingress_to_port_22_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, revoke_security_group_rule |
Default | |
vpc_security_groups_allowing_ingress_to_port_22_trigger_enabled
Name | vpc_security_groups_allowing_ingress_to_port_22_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_security_groups_allowing_ingress_to_port_22_trigger_schedule
Name | vpc_security_groups_allowing_ingress_to_port_22_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_security_groups_allowing_ingress_to_port_3389_default_action
Name | vpc_security_groups_allowing_ingress_to_port_3389_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, revoke_security_group_rule |
Default | notify |
vpc_security_groups_allowing_ingress_to_port_3389_enabled_actions
Name | vpc_security_groups_allowing_ingress_to_port_3389_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, revoke_security_group_rule |
Default | |
vpc_security_groups_allowing_ingress_to_port_3389_trigger_enabled
Name | vpc_security_groups_allowing_ingress_to_port_3389_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_security_groups_allowing_ingress_to_port_3389_trigger_schedule
Name | vpc_security_groups_allowing_ingress_to_port_3389_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_security_groups_allowing_ingress_to_port_445_default_action
Name | vpc_security_groups_allowing_ingress_to_port_445_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, revoke_security_group_rule |
Default | notify |
vpc_security_groups_allowing_ingress_to_port_445_enabled_actions
Name | vpc_security_groups_allowing_ingress_to_port_445_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, revoke_security_group_rule |
Default | |
vpc_security_groups_allowing_ingress_to_port_445_trigger_enabled
Name | vpc_security_groups_allowing_ingress_to_port_445_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_security_groups_allowing_ingress_to_port_445_trigger_schedule
Name | vpc_security_groups_allowing_ingress_to_port_445_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_default_action
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, revoke_security_group_rule |
Default | notify |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_enabled_actions
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, revoke_security_group_rule |
Default | |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_default_action
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, revoke_security_group_rule |
Default | notify |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_enabled_actions
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, revoke_security_group_rule |
Default | |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_trigger_enabled
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_trigger_schedule
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv4_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_default_action
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, revoke_security_group_rule |
Default | notify |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_enabled_actions
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, revoke_security_group_rule |
Default | |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_trigger_enabled
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_trigger_schedule
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_ipv6_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_trigger_enabled
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_trigger_schedule
Name | vpc_security_groups_allowing_ingress_to_remote_server_administration_ports_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |
vpcs_without_flow_logs_cloudwatch_log_group_name
Name | vpcs_without_flow_logs_cloudwatch_log_group_name |
|---|---|
Description | Cloud Watch Log name |
Type | string |
Default | FlowpipeRemediateEnableVPCFlowLogCloudWatchLogGroup |
vpcs_without_flow_logs_default_action
Name | vpcs_without_flow_logs_default_action |
|---|---|
Description | The default action to use when there are no approvers. |
Type | string notify, skip, create_flow_log |
Default | notify |
vpcs_without_flow_logs_enabled_actions
Name | vpcs_without_flow_logs_enabled_actions |
|---|---|
Description | The list of enabled actions approvers can select. |
Type | list(string) skip, create_flow_log |
Default | |
vpcs_without_flow_logs_iam_policy
Name | vpcs_without_flow_logs_iam_policy |
|---|---|
Description | The default IAM policy to apply |
Type | string |
Default | {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:DescribeLogGroups",
"logs:DescribeLogStreams",
"logs:PutLogEvents",
"logs:GetLogEvents",
"logs:FilterLogEvents"
],
"Resource": "*"
}
]
}
|
vpcs_without_flow_logs_iam_policy_name
Name | vpcs_without_flow_logs_iam_policy_name |
|---|---|
Description | IAM policy for AWS VPC Flow Log |
Type | string |
Default | FlowpipeRemediateEnableVPCFlowLogIAMPolicy |
vpcs_without_flow_logs_role_name
Name | vpcs_without_flow_logs_role_name |
|---|---|
Description | IAM role for AWS VPC Flow Log |
Type | string |
Default | FlowpipeRemediateEnableVPCFlowLogIAMRole |
vpcs_without_flow_logs_role_policy
Name | vpcs_without_flow_logs_role_policy |
|---|---|
Description | The default IAM role policy to apply |
Type | string |
Default | {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "test",
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
|
vpcs_without_flow_logs_trigger_enabled
Name | vpcs_without_flow_logs_trigger_enabled |
|---|---|
Description | If true, the trigger is enabled. |
Type | bool |
Default | false |
vpcs_without_flow_logs_trigger_schedule
Name | vpcs_without_flow_logs_trigger_schedule |
|---|---|
Description | If the trigger is enabled, run it on this schedule. |
Type | string |
Default | 15m |