Control: AWS > Turbot > IAM > Group > Managed
The control oversees the creation, updating, and deletion of Turbot-managed IAM groups. It also manages the association and disassociation of users to the group. An essential part of this control is its ability to handle policy attachments to group, ensuring that only authorized policies are associated, thereby maintaining strict access control and compliance.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- AWS > Turbot > IAM > Managed
- AWS > Turbot > Permissions > Group > Name Path
- AWS > Turbot > Permissions > Policy > Name Prefix
- AWS > Turbot > Permissions > Policy > Name Path
- AWS > Turbot > Permissions > Custom Group Levels [Account]
- AWS > Turbot > Permissions > User > Name Path
- AWS > IAM > Login User Names
- AWS > Turbot > Permissions > Levels
- AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-iam
- AWS > Turbot > Permissions > Group > Name Prefix
Permissions
Cloud permissions used by this control and its actions:
iam:DetachGroupPolicyiam:AttachGroupPolicyiam:RemoveUserFromGroupiam:AddUserToGroupiam:DetachGroupPolicyiam:DeleteGroupPolicyiam:RemoveUserFromGroupiam:DeleteGroup
Category
In Your Workspace
Developers
- tmod:@turbot/aws-iam#/control/types/iamTurbotGroupManaged
- tmod:@turbot/turbot#/control/categories/iam
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-iam#/control/types/iamTurbotGroupManaged"
Get Controls
Control Type URI
Category URI
GraphQL
CLI