ServiceNow CMDB CI relationship sync: faster, more complete →
Mods
AWS

Policy: AWS > KMS > Key > Approved > Custom

Determine whether the AWS KMS key is allowed to exist. This policy will be evaluated by the Approved control. If an AWS KMS key is not approved, it will be subject to the action specified in the AWS > KMS > Key > Approved policy. See Approved for more information.

Note: The policy value must be a string with a value of Approved, Not approved or Skip, or in the form of YAML objects. The object(s) must contain the key result with its value as Approved or Not approved. A custom title and message can also be added using the keys title and message respectively.

Resource Types

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Controls

Policy Specification

Default
Skip
Examples [YAML]
  • Approved
    
  • result: Approved
    
  • title: KeyState
    result: Approved
    
  • title: KeyState
    message: KeyState is Enabled
    result: Approved
    
  • title: KeyRotationStatus
    message: KeyRotationStatus is not true
    result: Not approved
    
  • - title: KeyState
      message: KeyState is Enabled
      result: Approved
    - title: KeyRotationStatus
      message: KeyRotationStatus is not true
      result: Not approved
    

Category

In Your Workspace

Developers