Control: AWS > S3 > Multi-Region Access Point > Approved

Take an action when an AWS S3 multi-region access point is not approved based on AWS > S3 > Multi-Region Access Point > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Resource Types

This control targets the following resource types:

AWS > S3 > Multi-Region Access Point

Policies

The following policies can be used to configure this control:

AWS > S3 > Multi-Region Access Point > Approved

This control type relies on these other policies when running actions:

Quick Actions

Permissions

Cloud permissions used by this control and its actions:

s3:DeleteMultiRegionAccessPoint

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-s3multiregionaccesspoint#/control/types/multiregionAccessPointApproved

Category URI

tmod:@turbot/turbot#/control/categories/resourceApproved

GraphQL

query controlType(id: "tmod:@turbot/aws-s3multiregionaccesspoint#/control/types/multiregionAccessPointApproved") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-s3multiregionaccesspoint#/control/types/multiregionAccessPointApproved'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-s3multiregionaccesspoint#/control/types/multiregionAccessPointApproved"