Control: AWS > IAM > Role > Inline Policy > Discovery

Discover AWS IAM role inline policies and add them to Turbot.

The Discovery control is tasked with identifying instances for a particular resource. The Discovery control will periodically search for new target resources and save them to the Guardrails CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Resource Types

This control targets the following resource types:

AWS > IAM > Role

Policies

The following policies can be used to configure this control:

AWS > IAM > Role > Inline Policy > CMDB

Permissions

Cloud permissions used by this control and its actions:

iam:ListRolePolicies

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-iam#/control/types/roleInlinePolicyDiscovery

Category URI

tmod:@turbot/turbot#/control/categories/cmdb

GraphQL

query controlType(id: "tmod:@turbot/aws-iam#/control/types/roleInlinePolicyDiscovery") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-iam#/control/types/roleInlinePolicyDiscovery'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-iam#/control/types/roleInlinePolicyDiscovery"