Control: AWS > Turbot > IAM > Role > Managed
The control ensures that Turbot-managed roles are accurately maintained, including updates and deletions as necessary. This control is key to managing role-based access controls, including the attachment of policies to roles and the enforcement of lockdown, deny, and boundary policy attachments.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- AWS > Turbot > IAM > Managed
- AWS > Turbot > Permissions > Role > Name Path
- AWS > Turbot > Permissions > Role > Name Prefix
- AWS > Turbot > Permissions > Policy > Name Prefix
- AWS > Turbot > Permissions > Policy > Name Path
- AWS > Turbot > Permissions > Role > Tags
- AWS > Turbot > Permissions > Superuser Boundary
- AWS > Turbot > Permissions > Levels
- AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-iam
Permissions
Cloud permissions used by this control and its actions:
iam:DeleteRole
iam:DeleteRolePolicy
iam:DetachRolePolicy
iam:PutRolePermissionsBoundary
iam:DeleteRolePermissionsBoundary
iam:AttachRolePolicy
iam:UntagRole
iam:TagRole
iam:UpdateAssumeRolePolicy
Category
Developers
- Control Type URI: tmod:@turbot/aws-iam#/control/types/iamTurbotRoleManaged
- Category URI: tmod:@turbot/turbot#/control/categories/iam
- Get Controls (CLI): turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-iam#/control/types/iamTurbotRoleManaged"