Policy: AWS > Direct Connect > Enabled

Configure whether the AWS Direct Connect service is enabled. This will only affect Guardrails managed User Roles and will allow the Guardrails managed user to access AWS Direct Connect service. - Enabled policy allows Guardrails managed users to perform all the actions for the service - Enabled: Metadata Only policy allows Guardrails managed users to perform only the metadata level actions for the service (like describe*, list*)

Note: - Disabled policy disables the service but does NOT disable the API for Guardrails or SuperUsers - All the resource data stored in the Guardrails CMDB is considered to be metadata - For more information related to permissions and grant levels, please check the documentation

Targets

This policy targets the following resource types:

AWS > Account

Controls

Setting this policy configures these controls:

Policy Specification

Schema Type	`string`
Default	`Disabled`
Valid Values [YAML]	`Enabled` `Enabled: Metadata Only` `Disabled`
Examples [YAML]	`Enabled`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/iamPermissions

Policy Type URI

tmod:@turbot/aws-directconnect#/policy/types/directConnectEnabled

GraphQL

query policyType(id: "tmod:@turbot/aws-directconnect#/policy/types/directConnectEnabled") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-directconnect#/policy/types/directConnectEnabled'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-directconnect#/policy/types/directConnectEnabled'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-directconnect#/policy/types/directConnectEnabled"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-directconnect#/policy/types/directConnectEnabled"