Control: AWS > IAM > Role > Inline Policy > Statements > Approved

Configure Statements for IAM roleInlinePolicy. This control defines whether the statements are approved, as well as the subsequent action to take on unapproved statements. Rules for all Approved policies will be compiled in Approved > Compiled Rules and then evaluated.

Resource Types

This control targets the following resource types:

AWS > IAM > Role > Inline Policy

Policies

The following policies can be used to configure this control:

AWS > IAM > Role > Inline Policy > Statements > Approved

This control type relies on these other policies when running actions:

AWS > IAM > Role > Inline Policy > Statements > Approved > Compiled Rules

Permissions

Cloud permissions used by this control and its actions:

iam:PutRolePolicy
iam:DeleteRolePolicy

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved

Category URI

tmod:@turbot/turbot#/control/categories/resourceApproved

GraphQL

query controlType(id: "tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-iam#/control/types/roleInlinePolicyStatementsApproved"