Policy: AWS > Resource Access Manager > Enabled
Configure whether the AWS Resource Access Manager service is enabled. This will only affect Guardrails managed User Roles and will allow the Guardrails managed user to access AWS Resource Access Manager service. - Enabled
policy allows Guardrails managed users to perform all the actions for the service - Enabled: Metadata Only
policy allows Guardrails managed users to perform only the metadata level actions for the service (like describe*
, list*
)
Note: - Disabled
policy disables the service but does NOT disable the API for Guardrails or SuperUsers - All the resource data stored in the Guardrails CMDB is considered to be metadata - For more information related to permissions and grant levels, please check the documentation
Resource Types
This policy targets the following resource types:
Policy Specification
Schema Type |
|
---|---|
Default |
|
Valid Values [YAML] |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/iamPermissions
- tmod:@turbot/aws-ram#/policy/types/ramEnabled
- turbot graphql policy-type --id "tmod:@turbot/aws-ram#/policy/types/ramEnabled"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-ram#/policy/types/ramEnabled"
Get Policy TypeGet Policy Settings