Policy: AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-cloudfront

A read-only policy generated by Guardrails that lists the APIs that should be added to the guardrails-managed (hard) boundary policy, thereby enabling them to be assigned to users and roles. This value will change depending on the value of the value of the AWS > CloudFront > Permissions > Lockdown > API Boundary policy

Resource Types

This policy targets the following resource types:

AWS > Account

Primary Policy

This policy is used with the following primary policy:

AWS > Turbot > Permissions > Compiled > API Boundary

Policy Specification

Schema Type	`array`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/iamPermissions

Policy Type URI

tmod:@turbot/aws-cloudfront#/policy/types/awsCompiledApiBoundary

GraphQL

query policyType(id: "tmod:@turbot/aws-cloudfront#/policy/types/awsCompiledApiBoundary") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-cloudfront#/policy/types/awsCompiledApiBoundary'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-cloudfront#/policy/types/awsCompiledApiBoundary'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-cloudfront#/policy/types/awsCompiledApiBoundary"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-cloudfront#/policy/types/awsCompiledApiBoundary"