Mod: aws-iam
The aws-iam mod consists of 22 resource types, 320 policies, 129 controls and 68 actions.
Recommended Version
Resource Types
- AWS > IAM
- AWS > IAM > Access Analyzer
- AWS > IAM > Access Key
- AWS > IAM > Account Password Policy
- AWS > IAM > Account Summary
- AWS > IAM > Credential Report
- AWS > IAM > Group
- AWS > IAM > Group > Group Policy Attachments
- AWS > IAM > Group > Inline Policy
- AWS > IAM > Instance Profile
- AWS > IAM > MFA Virtual
- AWS > IAM > OpenID Connect
- AWS > IAM > Policy
- AWS > IAM > Role
- AWS > IAM > Role > Inline Policy
- AWS > IAM > Role > Role Policy Attachments
- AWS > IAM > Root
- AWS > IAM > Server Certificate
- AWS > IAM > User
- AWS > IAM > User > Group Memberships
- AWS > IAM > User > Inline Policy
- AWS > IAM > User > User Policy Attachments
Controls
- AWS > IAM > Access Analyzer > Active
- AWS > IAM > Access Analyzer > Approved
- AWS > IAM > Access Analyzer > CMDB
- AWS > IAM > Access Analyzer > Configured
- AWS > IAM > Access Analyzer > Discovery
- AWS > IAM > Access Analyzer > Tags
- AWS > IAM > Access Key > Active
- AWS > IAM > Access Key > CMDB
- AWS > IAM > Access Key > Configured
- AWS > IAM > Access Key > Discovery
- AWS > IAM > Access Key > Usage
- AWS > IAM > Account Password Policy > CMDB
- AWS > IAM > Account Password Policy > Configured
- AWS > IAM > Account Password Policy > Discovery
- AWS > IAM > Account Password Policy > Settings
- AWS > IAM > Account Summary > CMDB
- AWS > IAM > Account Summary > Discovery
- AWS > IAM > Credential Report > CMDB
- AWS > IAM > Credential Report > Discovery
- AWS > IAM > Group > Active
- AWS > IAM > Group > Approved
- AWS > IAM > Group > CMDB
- AWS > IAM > Group > Configured
- AWS > IAM > Group > Discovery
- AWS > IAM > Group > Group Policy Attachments > Active
- AWS > IAM > Group > Group Policy Attachments > CMDB
- AWS > IAM > Group > Group Policy Attachments > Configured
- AWS > IAM > Group > Group Policy Attachments > Discovery
- AWS > IAM > Group > Inline Policy > Approved
- AWS > IAM > Group > Inline Policy > CMDB
- AWS > IAM > Group > Inline Policy > Discovery
- AWS > IAM > Group > Inline Policy > Statements
- AWS > IAM > Group > Inline Policy > Statements > Approved
- AWS > IAM > Group > Policy Attachments
- AWS > IAM > Group > Policy Attachments > Approved
- AWS > IAM > Group > Policy Attachments > Required
- AWS > IAM > Group > Usage
- AWS > IAM > Instance Profile > CMDB
- AWS > IAM > Instance Profile > Configured
- AWS > IAM > Instance Profile > Discovery
- AWS > IAM > MFA Virtual > Active
- AWS > IAM > MFA Virtual > CMDB
- AWS > IAM > MFA Virtual > Discovery
- AWS > IAM > OpenID Connect > Active
- AWS > IAM > OpenID Connect > Approved
- AWS > IAM > OpenID Connect > CMDB
- AWS > IAM > OpenID Connect > Configured
- AWS > IAM > OpenID Connect > Discovery
- AWS > IAM > OpenID Connect > Tags
- AWS > IAM > OpenID Connect > Usage
- AWS > IAM > Policy > Active
- AWS > IAM > Policy > Approved
- AWS > IAM > Policy > CMDB
- AWS > IAM > Policy > Configured
- AWS > IAM > Policy > Discovery
- AWS > IAM > Policy > Statements
- AWS > IAM > Policy > Statements > Approved
- AWS > IAM > Role > Active
- AWS > IAM > Role > Approved
- AWS > IAM > Role > Boundary
- AWS > IAM > Role > CMDB
- AWS > IAM > Role > Configured
- AWS > IAM > Role > Discovery
- AWS > IAM > Role > Inline Policy > Approved
- AWS > IAM > Role > Inline Policy > CMDB
- AWS > IAM > Role > Inline Policy > Configured
- AWS > IAM > Role > Inline Policy > Discovery
- AWS > IAM > Role > Inline Policy > Statements
- AWS > IAM > Role > Inline Policy > Statements > Approved
- AWS > IAM > Role > Policy
- AWS > IAM > Role > Policy > Trusted Access
- AWS > IAM > Role > Policy Attachments
- AWS > IAM > Role > Policy Attachments > Approved
- AWS > IAM > Role > Policy Attachments > Required
- AWS > IAM > Role > Role Policy Attachments > Active
- AWS > IAM > Role > Role Policy Attachments > CMDB
- AWS > IAM > Role > Role Policy Attachments > Configured
- AWS > IAM > Role > Role Policy Attachments > Discovery
- AWS > IAM > Role > Tags
- AWS > IAM > Role > Trust Relationship Statements
- AWS > IAM > Role > Trust Relationship Statements > Approved
- AWS > IAM > Role > Usage
- AWS > IAM > Root > Approved
- AWS > IAM > Root > CMDB
- AWS > IAM > Root > Configured
- AWS > IAM > Root > Discovery
- AWS > IAM > Server Certificate > Active
- AWS > IAM > Server Certificate > Approved
- AWS > IAM > Server Certificate > CMDB
- AWS > IAM > Server Certificate > Discovery
- AWS > IAM > Server Certificate > Tags
- AWS > IAM > Server Certificate > Usage
- AWS > IAM > Stack
- AWS > IAM > User > Active
- AWS > IAM > User > Approved
- AWS > IAM > User > Boundary
- AWS > IAM > User > CMDB
- AWS > IAM > User > Configured
- AWS > IAM > User > Discovery
- AWS > IAM > User > Group Memberships > CMDB
- AWS > IAM > User > Group Memberships > Configured
- AWS > IAM > User > Group Memberships > Discovery
- AWS > IAM > User > Inline Policy > Approved
- AWS > IAM > User > Inline Policy > CMDB
- AWS > IAM > User > Inline Policy > Discovery
- AWS > IAM > User > Inline Policy > Statements
- AWS > IAM > User > Inline Policy > Statements > Approved
- AWS > IAM > User > Login Profile
- AWS > IAM > User > Policy Attachments
- AWS > IAM > User > Policy Attachments > Approved
- AWS > IAM > User > Policy Attachments > Required
- AWS > IAM > User > Tags
- AWS > IAM > User > Turbot Access Key
- AWS > IAM > User > Turbot Access Key > Rotation
- AWS > IAM > User > Usage
- AWS > IAM > User > User Policy Attachments > Active
- AWS > IAM > User > User Policy Attachments > CMDB
- AWS > IAM > User > User Policy Attachments > Configured
- AWS > IAM > User > User Policy Attachments > Discovery
- AWS > Turbot > IAM
- AWS > Turbot > IAM > Group
- AWS > Turbot > IAM > Group > Managed
- AWS > Turbot > IAM > Managed
- AWS > Turbot > IAM > Policy
- AWS > Turbot > IAM > Policy > Managed
- AWS > Turbot > IAM > Role
- AWS > Turbot > IAM > Role > Managed
- AWS > Turbot > IAM > User
- AWS > Turbot > IAM > User > Managed
IAM Roles
Quick Actions
- AWS > IAM > Access Analyzer > Delete from AWS
- AWS > IAM > Access Analyzer > Set Tags
- AWS > IAM > Access Analyzer > Skip alarm for Active control
- AWS > IAM > Access Analyzer > Skip alarm for Active control [90 days]
- AWS > IAM > Access Analyzer > Skip alarm for Approved control
- AWS > IAM > Access Analyzer > Skip alarm for Approved control [90 days]
- AWS > IAM > Access Analyzer > Skip alarm for Tags control
- AWS > IAM > Access Analyzer > Skip alarm for Tags control [90 days]
- AWS > IAM > Access Key > Delete from AWS
- AWS > IAM > Access Key > Skip alarm for Active control
- AWS > IAM > Access Key > Skip alarm for Active control [90 days]
- AWS > IAM > Group > Delete from AWS
- AWS > IAM > Group > Inline Policy > Delete from AWS
- AWS > IAM > Group > Inline Policy > Skip alarm for Approved control
- AWS > IAM > Group > Inline Policy > Skip alarm for Approved control [90 days]
- AWS > IAM > Group > Skip alarm for Active control
- AWS > IAM > Group > Skip alarm for Active control [90 days]
- AWS > IAM > Group > Skip alarm for Approved control
- AWS > IAM > Group > Skip alarm for Approved control [90 days]
- AWS > IAM > OpenID Connect > Delete from AWS
- AWS > IAM > OpenID Connect > Set Tags
- AWS > IAM > OpenID Connect > Skip alarm for Active control
- AWS > IAM > OpenID Connect > Skip alarm for Active control [90 days]
- AWS > IAM > OpenID Connect > Skip alarm for Approved control
- AWS > IAM > OpenID Connect > Skip alarm for Approved control [90 days]
- AWS > IAM > OpenID Connect > Skip alarm for Tags control
- AWS > IAM > OpenID Connect > Skip alarm for Tags control [90 days]
- AWS > IAM > Policy > Delete from AWS
- AWS > IAM > Policy > Skip alarm for Active control
- AWS > IAM > Policy > Skip alarm for Active control [90 days]
- AWS > IAM > Policy > Skip alarm for Approved control
- AWS > IAM > Policy > Skip alarm for Approved control [90 days]
- AWS > IAM > Role > Attach Quarantine policy
- AWS > IAM > Role > Attach Quarantine policy
- AWS > IAM > Role > Delete from AWS
- AWS > IAM > Role > Detach Quarantine policy
- AWS > IAM > Role > Detach Quarantine policy
- AWS > IAM > Role > Inline Policy > Delete from AWS
- AWS > IAM > Role > Inline Policy > Skip alarm for Approved control
- AWS > IAM > Role > Inline Policy > Skip alarm for Approved control [90 days]
- AWS > IAM > Role > Set Tags
- AWS > IAM > Role > Skip alarm for Active control
- AWS > IAM > Role > Skip alarm for Active control [90 days]
- AWS > IAM > Role > Skip alarm for Approved control
- AWS > IAM > Role > Skip alarm for Approved control [90 days]
- AWS > IAM > Role > Skip alarm for Tags control
- AWS > IAM > Role > Skip alarm for Tags control [90 days]
- AWS > IAM > Root > Skip alarm for Approved control
- AWS > IAM > Root > Skip alarm for Approved control [90 days]
- AWS > IAM > Server Certificate > Delete from AWS
- AWS > IAM > Server Certificate > Set Tags
- AWS > IAM > Server Certificate > Skip alarm for Active control
- AWS > IAM > Server Certificate > Skip alarm for Active control [90 days]
- AWS > IAM > Server Certificate > Skip alarm for Approved control
- AWS > IAM > Server Certificate > Skip alarm for Approved control [90 days]
- AWS > IAM > Server Certificate > Skip alarm for Tags control
- AWS > IAM > Server Certificate > Skip alarm for Tags control [90 days]
- AWS > IAM > User > Delete from AWS
- AWS > IAM > User > Inline Policy > Delete from AWS
- AWS > IAM > User > Inline Policy > Skip alarm for Approved control
- AWS > IAM > User > Inline Policy > Skip alarm for Approved control [90 days]
- AWS > IAM > User > Set Tags
- AWS > IAM > User > Skip alarm for Active control
- AWS > IAM > User > Skip alarm for Active control [90 days]
- AWS > IAM > User > Skip alarm for Approved control
- AWS > IAM > User > Skip alarm for Approved control [90 days]
- AWS > IAM > User > Skip alarm for Tags control
- AWS > IAM > User > Skip alarm for Tags control [90 days]
Policies
- AWS > Account > Permissions
- AWS > Account > Permissions > Lockdown
- AWS > Account > Permissions > Lockdown > Budget
- AWS > Account > Permissions > Lockdown > Budget > Restricted APIs
- AWS > IAM > Access Analyzer > Active
- AWS > IAM > Access Analyzer > Active > Age
- AWS > IAM > Access Analyzer > Active > Last Modified
- AWS > IAM > Access Analyzer > Approved
- AWS > IAM > Access Analyzer > Approved > Custom
- AWS > IAM > Access Analyzer > Approved > Regions
- AWS > IAM > Access Analyzer > Approved > Usage
- AWS > IAM > Access Analyzer > CMDB
- AWS > IAM > Access Analyzer > Configured
- AWS > IAM > Access Analyzer > Configured > Claim Precedence
- AWS > IAM > Access Analyzer > Configured > Source
- AWS > IAM > Access Analyzer > Regions
- AWS > IAM > Access Analyzer > Tags
- AWS > IAM > Access Analyzer > Tags > Template
- AWS > IAM > Access Key > Active
- AWS > IAM > Access Key > Active > Age
- AWS > IAM > Access Key > Active > Last Modified
- AWS > IAM > Access Key > Active > Latest
- AWS > IAM > Access Key > Active > Recently Used
- AWS > IAM > Access Key > Active > Status
- AWS > IAM > Access Key > CMDB
- AWS > IAM > Access Key > Configured
- AWS > IAM > Access Key > Configured > Claim Precedence
- AWS > IAM > Access Key > Configured > Source
- AWS > IAM > Access Key > Usage
- AWS > IAM > Access Key > Usage > Limit
- AWS > IAM > Account Password Policy > CMDB
- AWS > IAM > Account Password Policy > Configured
- AWS > IAM > Account Password Policy > Configured > Claim Precedence
- AWS > IAM > Account Password Policy > Configured > Source
- AWS > IAM > Account Password Policy > Settings
- AWS > IAM > Account Password Policy > Settings > Allow Users to Change
- AWS > IAM > Account Password Policy > Settings > Hard Expiry
- AWS > IAM > Account Password Policy > Settings > Max Age
- AWS > IAM > Account Password Policy > Settings > Minimum Length
- AWS > IAM > Account Password Policy > Settings > Require Lowercase Characters
- AWS > IAM > Account Password Policy > Settings > Require Numbers
- AWS > IAM > Account Password Policy > Settings > Require Symbols
- AWS > IAM > Account Password Policy > Settings > Require Uppercase Characters
- AWS > IAM > Account Password Policy > Settings > Reuse Prevention
- AWS > IAM > Account Summary > CMDB
- AWS > IAM > API Enabled
- AWS > IAM > Credential Report > CMDB
- AWS > IAM > Enabled
- AWS > IAM > Group > Active
- AWS > IAM > Group > Active > Age
- AWS > IAM > Group > Active > Budget
- AWS > IAM > Group > Active > Last Modified
- AWS > IAM > Group > Approved
- AWS > IAM > Group > Approved > Budget
- AWS > IAM > Group > Approved > Custom
- AWS > IAM > Group > Approved > Turbot
- AWS > IAM > Group > Approved > Usage
- AWS > IAM > Group > CMDB
- AWS > IAM > Group > Configured
- AWS > IAM > Group > Configured > Claim Precedence
- AWS > IAM > Group > Configured > Source
- AWS > IAM > Group > Group Policy Attachments > Active
- AWS > IAM > Group > Group Policy Attachments > Active > Last Modified
- AWS > IAM > Group > Group Policy Attachments > CMDB
- AWS > IAM > Group > Group Policy Attachments > Configured
- AWS > IAM > Group > Group Policy Attachments > Configured > Claim Precedence
- AWS > IAM > Group > Group Policy Attachments > Configured > Source
- AWS > IAM > Group > Inline Policy > Approved
- AWS > IAM > Group > Inline Policy > Approved > Custom
- AWS > IAM > Group > Inline Policy > Approved > Usage
- AWS > IAM > Group > Inline Policy > CMDB
- AWS > IAM > Group > Inline Policy > Statements
- AWS > IAM > Group > Inline Policy > Statements > Approved
- AWS > IAM > Group > Inline Policy > Statements > Approved > Administrator Access
- AWS > IAM > Group > Inline Policy > Statements > Approved > Compiled Rules
- AWS > IAM > Group > Inline Policy > Statements > Approved > Rules
- AWS > IAM > Group > Policy Attachments
- AWS > IAM > Group > Policy Attachments > Approved
- AWS > IAM > Group > Policy Attachments > Approved > Compiled Rules
- AWS > IAM > Group > Policy Attachments > Approved > Rules
- AWS > IAM > Group > Policy Attachments > Required
- AWS > IAM > Group > Policy Attachments > Required > Compiled Items
- AWS > IAM > Group > Policy Attachments > Required > Items
- AWS > IAM > Group > Usage
- AWS > IAM > Group > Usage > Limit
- AWS > IAM > Instance Profile > CMDB
- AWS > IAM > Instance Profile > Configured
- AWS > IAM > Instance Profile > Configured > Claim Precedence
- AWS > IAM > Instance Profile > Configured > Source
- AWS > IAM > Login User Names
- AWS > IAM > MFA Virtual > Active
- AWS > IAM > MFA Virtual > Active > Last Modified
- AWS > IAM > MFA Virtual > CMDB
- AWS > IAM > OpenID Connect > Active
- AWS > IAM > OpenID Connect > Active > Age
- AWS > IAM > OpenID Connect > Active > Last Modified
- AWS > IAM > OpenID Connect > Approved
- AWS > IAM > OpenID Connect > Approved > Custom
- AWS > IAM > OpenID Connect > Approved > Usage
- AWS > IAM > OpenID Connect > CMDB
- AWS > IAM > OpenID Connect > Configured
- AWS > IAM > OpenID Connect > Configured > Claim Precedence
- AWS > IAM > OpenID Connect > Configured > Source
- AWS > IAM > OpenID Connect > Tags
- AWS > IAM > OpenID Connect > Tags > Template
- AWS > IAM > OpenID Connect > Usage
- AWS > IAM > OpenID Connect > Usage > Limit
- AWS > IAM > Permissions
- AWS > IAM > Permissions > Levels
- AWS > IAM > Permissions > Levels > Modifiers
- AWS > IAM > Permissions > Levels > Service User Access Key Administration
- AWS > IAM > Permissions > Levels > Service User Administration
- AWS > IAM > Permissions > Levels > Service User Password Administration
- AWS > IAM > Permissions > Lockdown
- AWS > IAM > Permissions > Lockdown > API Boundary
- AWS > IAM > Policy > Active
- AWS > IAM > Policy > Active > Age
- AWS > IAM > Policy > Active > Last Modified
- AWS > IAM > Policy > Approved
- AWS > IAM > Policy > Approved > Custom
- AWS > IAM > Policy > Approved > Turbot
- AWS > IAM > Policy > Approved > Usage
- AWS > IAM > Policy > CMDB
- AWS > IAM > Policy > Configured
- AWS > IAM > Policy > Configured > Claim Precedence
- AWS > IAM > Policy > Configured > Source
- AWS > IAM > Policy > Statements
- AWS > IAM > Policy > Statements > Approved
- AWS > IAM > Policy > Statements > Approved > Administrator Access
- AWS > IAM > Policy > Statements > Approved > Compiled Rules
- AWS > IAM > Policy > Statements > Approved > Rules
- AWS > IAM > Policy > Statements > Approved > Turbot
- AWS > IAM > Role > Active
- AWS > IAM > Role > Active > Age
- AWS > IAM > Role > Active > Last Modified
- AWS > IAM > Role > Active > Quarantine Policy Name
- AWS > IAM > Role > Active > Recently Used
- AWS > IAM > Role > Approved
- AWS > IAM > Role > Approved > Custom
- AWS > IAM > Role > Approved > Quarantine Policy Name
- AWS > IAM > Role > Approved > Turbot
- AWS > IAM > Role > Approved > Usage
- AWS > IAM > Role > Boundary
- AWS > IAM > Role > Boundary > Policy
- AWS > IAM > Role > CMDB
- AWS > IAM > Role > Configured
- AWS > IAM > Role > Configured > Claim Precedence
- AWS > IAM > Role > Configured > Source
- AWS > IAM > Role > Inline Policy > Approved
- AWS > IAM > Role > Inline Policy > Approved > Custom
- AWS > IAM > Role > Inline Policy > Approved > Usage
- AWS > IAM > Role > Inline Policy > CMDB
- AWS > IAM > Role > Inline Policy > Configured
- AWS > IAM > Role > Inline Policy > Configured > Claim Precedence
- AWS > IAM > Role > Inline Policy > Configured > Source
- AWS > IAM > Role > Inline Policy > Statements
- AWS > IAM > Role > Inline Policy > Statements > Approved
- AWS > IAM > Role > Inline Policy > Statements > Approved > Administrator Access
- AWS > IAM > Role > Inline Policy > Statements > Approved > Compiled Rules
- AWS > IAM > Role > Inline Policy > Statements > Approved > Rules
- AWS > IAM > Role > Policy
- AWS > IAM > Role > Policy > Trusted Access
- AWS > IAM > Role > Policy > Trusted Access > Accounts
- AWS > IAM > Role > Policy > Trusted Access > Identity Providers
- AWS > IAM > Role > Policy > Trusted Access > Organization Restrictions
- AWS > IAM > Role > Policy > Trusted Access > Services
- AWS > IAM > Role > Policy Attachments
- AWS > IAM > Role > Policy Attachments > Approved
- AWS > IAM > Role > Policy Attachments > Approved > Compiled Rules
- AWS > IAM > Role > Policy Attachments > Approved > Rules
- AWS > IAM > Role > Policy Attachments > Required
- AWS > IAM > Role > Policy Attachments > Required > Compiled Items
- AWS > IAM > Role > Policy Attachments > Required > Items
- AWS > IAM > Role > Policy Attachments > Required > Turbot Lockdown
- AWS > IAM > Role > Role Policy Attachments > Active
- AWS > IAM > Role > Role Policy Attachments > Active > Last Modified
- AWS > IAM > Role > Role Policy Attachments > CMDB
- AWS > IAM > Role > Role Policy Attachments > Configured
- AWS > IAM > Role > Role Policy Attachments > Configured > Claim Precedence
- AWS > IAM > Role > Role Policy Attachments > Configured > Source
- AWS > IAM > Role > Tags
- AWS > IAM > Role > Tags > Template
- AWS > IAM > Role > Trust Relationship Statements
- AWS > IAM > Role > Trust Relationship Statements > Approved
- AWS > IAM > Role > Trust Relationship Statements > Approved > Compiled Rules
- AWS > IAM > Role > Trust Relationship Statements > Approved > Rules
- AWS > IAM > Role > Trust Relationship Statements > Approved > Trusted Accounts [Deprecated]
- AWS > IAM > Role > Trust Relationship Statements > Approved > Trusted Identity Providers [Deprecated]
- AWS > IAM > Role > Trust Relationship Statements > Approved > Trusted Services [Deprecated]
- AWS > IAM > Role > Usage
- AWS > IAM > Role > Usage > Limit
- AWS > IAM > Root > Approved
- AWS > IAM > Root > Approved > Custom
- AWS > IAM > Root > Approved > Usage
- AWS > IAM > Root > CMDB
- AWS > IAM > Root > Configured
- AWS > IAM > Root > Configured > Claim Precedence
- AWS > IAM > Root > Configured > Source
- AWS > IAM > Server Certificate > Active
- AWS > IAM > Server Certificate > Active > Age
- AWS > IAM > Server Certificate > Active > Expired
- AWS > IAM > Server Certificate > Active > Last Modified
- AWS > IAM > Server Certificate > Approved
- AWS > IAM > Server Certificate > Approved > Custom
- AWS > IAM > Server Certificate > Approved > Usage
- AWS > IAM > Server Certificate > CMDB
- AWS > IAM > Server Certificate > Tags
- AWS > IAM > Server Certificate > Tags > Template
- AWS > IAM > Server Certificate > Usage
- AWS > IAM > Server Certificate > Usage > Limit
- AWS > IAM > Stack
- AWS > IAM > Stack > Secret Variables
- AWS > IAM > Stack > Source
- AWS > IAM > Stack > Terraform Version
- AWS > IAM > Stack > Variables
- AWS > IAM > Tags Template [Default]
- AWS > IAM > Trusted Accounts [Default]
- AWS > IAM > Trusted Identity Providers [Default]
- AWS > IAM > Trusted Organizations [Default]
- AWS > IAM > Trusted Services [Default]
- AWS > IAM > User > Active
- AWS > IAM > User > Active > Age
- AWS > IAM > User > Active > Last Modified
- AWS > IAM > User > Active > Recently Used
- AWS > IAM > User > Approved
- AWS > IAM > User > Approved > Custom
- AWS > IAM > User > Approved > Turbot
- AWS > IAM > User > Approved > Usage
- AWS > IAM > User > Boundary
- AWS > IAM > User > Boundary > Policy
- AWS > IAM > User > CMDB
- AWS > IAM > User > Configured
- AWS > IAM > User > Configured > Claim Precedence
- AWS > IAM > User > Configured > Source
- AWS > IAM > User > Group Memberships > CMDB
- AWS > IAM > User > Group Memberships > Configured
- AWS > IAM > User > Group Memberships > Configured > Claim Precedence
- AWS > IAM > User > Group Memberships > Configured > Source
- AWS > IAM > User > Inline Policy > Approved
- AWS > IAM > User > Inline Policy > Approved > Custom
- AWS > IAM > User > Inline Policy > Approved > Usage
- AWS > IAM > User > Inline Policy > CMDB
- AWS > IAM > User > Inline Policy > Statements
- AWS > IAM > User > Inline Policy > Statements > Approved
- AWS > IAM > User > Inline Policy > Statements > Approved > Administrator Access
- AWS > IAM > User > Inline Policy > Statements > Approved > Compiled Rules
- AWS > IAM > User > Inline Policy > Statements > Approved > Rules
- AWS > IAM > User > Login Profile
- AWS > IAM > User > Policy Attachments
- AWS > IAM > User > Policy Attachments > Approved
- AWS > IAM > User > Policy Attachments > Approved > Compiled Rules
- AWS > IAM > User > Policy Attachments > Approved > Rules
- AWS > IAM > User > Policy Attachments > Required
- AWS > IAM > User > Policy Attachments > Required > Compiled Items
- AWS > IAM > User > Policy Attachments > Required > Items
- AWS > IAM > User > Policy Attachments > Required > Turbot Lockdown
- AWS > IAM > User > Tags
- AWS > IAM > User > Tags > Template
- AWS > IAM > User > Turbot Access Key
- AWS > IAM > User > Turbot Access Key > Rotation
- AWS > IAM > User > Turbot Secret Access Key
- AWS > IAM > User > Usage
- AWS > IAM > User > Usage > Limit
- AWS > IAM > User > User Policy Attachments > Active
- AWS > IAM > User > User Policy Attachments > Active > Last Modified
- AWS > IAM > User > User Policy Attachments > CMDB
- AWS > IAM > User > User Policy Attachments > Configured
- AWS > IAM > User > User Policy Attachments > Configured > Claim Precedence
- AWS > IAM > User > User Policy Attachments > Configured > Source
- AWS > Turbot > Event Handlers > Events > Rules > Custom Event Patterns > @turbot/aws-iam
- AWS > Turbot > IAM
- AWS > Turbot > IAM > Managed
- AWS > Turbot > Permissions
- AWS > Turbot > Permissions > Compiled
- AWS > Turbot > Permissions > Compiled > Account Permissions
- AWS > Turbot > Permissions > Compiled > Allow Statements
- AWS > Turbot > Permissions > Compiled > API Boundary
- AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-iam
- AWS > Turbot > Permissions > Compiled > Levels
- AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-iam
- AWS > Turbot > Permissions > Compiled > Lockdown Statements
- AWS > Turbot > Permissions > Compiled > Lockdown Statements > @turbot/aws-iam
- AWS > Turbot > Permissions > Compiled > Service Permissions
- AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-iam
- AWS > Turbot > Permissions > Custom Group Levels [Account]
- AWS > Turbot > Permissions > Custom Role Levels [Account]
- AWS > Turbot > Permissions > Custom Role Levels [Folder]
- AWS > Turbot > Permissions > Group
- AWS > Turbot > Permissions > Group > Name Path
- AWS > Turbot > Permissions > Group > Name Prefix
- AWS > Turbot > Permissions > Levels
- AWS > Turbot > Permissions > Levels [Default]
- AWS > Turbot > Permissions > Levels > Modifiers
- AWS > Turbot > Permissions > Lockdown
- AWS > Turbot > Permissions > Lockdown > API Boundary
- AWS > Turbot > Permissions > Lockdown > Region Boundary
- AWS > Turbot > Permissions > Lockdown > Regions
- AWS > Turbot > Permissions > Name Path [Default]
- AWS > Turbot > Permissions > Name Prefix [Default]
- AWS > Turbot > Permissions > Policy
- AWS > Turbot > Permissions > Policy > Name Path
- AWS > Turbot > Permissions > Policy > Name Prefix
- AWS > Turbot > Permissions > Role
- AWS > Turbot > Permissions > Role > Name Path
- AWS > Turbot > Permissions > Role > Name Prefix
- AWS > Turbot > Permissions > Role > Session Timeout
- AWS > Turbot > Permissions > Role > Tags
- AWS > Turbot > Permissions > Source
- AWS > Turbot > Permissions > Superuser Boundary
- AWS > Turbot > Permissions > Tags Default
- AWS > Turbot > Permissions > Terraform Version
- AWS > Turbot > Permissions > User
- AWS > Turbot > Permissions > User > Access Keys Enabled
- AWS > Turbot > Permissions > User > Group Membership Mode
- AWS > Turbot > Permissions > User > Name Path
- AWS > Turbot > Permissions > User > Session Timeout
- AWS > Turbot > Permissions > User > Tags
- AWS > Turbot > Permissions > User Boundary
- Turbot > IAM > Permissions > Compiled > Levels > AWS
- Turbot > IAM > Permissions > Compiled > Levels > AWS [Turbot]
Policy Packs
- AWS CIS v3.0.0 - Section 1 - Identity and Access Management
- Check MFA Is Enabled for AWS IAM Root Accounts
- Deny all AWS IAM actions from Unapproved Networks
- Enforce AWS IAM Access Keys Are Not Older Than 90 Days
- Enforce AWS IAM Account Password Policy Settings
- Enforce AWS IAM Policies Do Not Have Admin Privileges
- Enforce AWS IAM Roles Restrict Access
- Enforce Backups of EBS Volumes
- Enforce MFA Is Enabled for AWS IAM Users