Policy: AWS > Health > Permissions > Levels > Modifiers
A map of AWS API to Turbot Permission Level used to customize Turbot's standard permissions. You can add, remove or redefine the mapping of AWS API operations to Turbot permissions levels here.
Note: Modifiers are cumulative - if you add a permission to the Metadata level, it is also added to ReadOnly, Operator and Admin. Modifier policies set here apply ONLY to the AWS level
example:
- "glacier:createvault": admin
- "glacier:ListVaults": metadata
- "s3:DeleteBucket": none
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/iamPermissions
- tmod:@turbot/aws-health#/policy/types/healthPermissionsLevelsModifiers
- turbot graphql policy-type --id "tmod:@turbot/aws-health#/policy/types/healthPermissionsLevelsModifiers"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-health#/policy/types/healthPermissionsLevelsModifiers"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI