Turbot Guardrails Hub 
Hub
Mods
AWS
171
Mods
429
Resource Types
6,702
Policies
2,320
Controls
1,637
Quick Actions
524
IAM

Policy: AWS > KMS > Key > Approved > Custom

Determine whether the AWS KMS key is allowed to exist. This policy will be evaluated by the Approved control. If an AWS KMS key is not approved, it will be subject to the action specified in the AWS > KMS > Key > Approved policy. See Approved for more information.

Note: The policy value must be a string with a value of Approved, Not approved or Skip, or in the form of YAML objects. The object(s) must contain the key result with its value as Approved or Not approved. A custom title and message can also be added using the keys title and message respectively.

Resource Types

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Controls

Policy Specification

Default
Skip
Examples [YAML]
  • Approved

  • result: Approved

  • title: KeyState
result: Approved

  • title: KeyState
message: KeyState is Enabled
result: Approved

  • title: KeyRotationStatus
message: KeyRotationStatus is not true
result: Not approved

  • - title: KeyState
  message: KeyState is Enabled
  result: Approved
- title: KeyRotationStatus
  message: KeyRotationStatus is not true
  result: Not approved

Category

In Your Workspace

Developers