Control: AWS > Turbot > IAM > Policy > Managed

The control is responsible for maintaining the lifecycle of Turbot-managed IAM policies, this control ensures that policies are always up-to-date and removes them when they are no longer required. This continuous monitoring and management help in maintaining the security posture and compliance of IAM policies across the organization.

Resource Types

This control targets the following resource types:

AWS > IAM > Policy

Policies

This control type relies on these other policies when running actions:

Permissions

Cloud permissions used by this control and its actions:

iam:ListEntitiesForPolicy
iam:DetachRolePolicy
iam:DetachGroupPolicy
iam:DetachUserPolicy
iam:DeleteRolePermissionsBoundary
iam:DeleteUserPermissionsBoundary
iam:ListPolicyVersions
iam:DeletePolicyVersion
iam:DeletePolicy

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-iam#/control/types/iamTurbotPolicyManaged

Category URI

tmod:@turbot/turbot#/control/categories/iam

GraphQL

query controlType(id: "tmod:@turbot/aws-iam#/control/types/iamTurbotPolicyManaged") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-iam#/control/types/iamTurbotPolicyManaged'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-iam#/control/types/iamTurbotPolicyManaged"