Control: AWS > IAM > Role > Inline Policy > Statements > Approved

Configure IAM Role inline policy statements checking. This control defines whether IAM policy statements are approved, as well as the subsequent action to take on unapproved statements. Rules for all Approved policies will be compiled in Approved > Compiled Rules and then evaluated.

Resource Types

This control targets the following resource types:

AWS > IAM > Role > Inline Policy

Primary Policies

The following policies can be used to configure this control:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved

Category URI

tmod:@turbot/turbot#/control/categories/resourceApproved

GraphQL

query controlType(id: "tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved"