Control: AWS > Logs > Delivery Source > Active

Take an action when an AWS Logs delivery source is not active based on the AWS > Logs > Delivery Source > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.

The Active control checks the status of all defined Active policies for the resource (AWS > Logs > Delivery Source > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.

See Active for more information.

Resource Types

This control targets the following resource types:

AWS > Logs > Delivery Source

Policies

The following policies can be used to configure this control:

AWS > Logs > Delivery Source > Active

This control type relies on these other policies when running actions:

Permissions

Cloud permissions used by this control and its actions:

logs:DeleteDeliverySource

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-logs#/control/types/deliverySourceActive

Category URI

tmod:@turbot/turbot#/control/categories/resourceActive

GraphQL

query controlType(id: "tmod:@turbot/aws-logs#/control/types/deliverySourceActive") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-logs#/control/types/deliverySourceActive'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-logs#/control/types/deliverySourceActive"