Policy: AWS > S3 > Trusted Services [Default]

List of AWS Services that are trusted for access in the AWS S3 policy.

This policy is used by the Trusted Access control to determine which members of type "service" are allowed to be granted access. You may use the '*' and '?' wildcard characters.

example: - "sns.amazonaws.com" - "ec2.amazonaws.com"

Note: Setting the policy to Empty array will remove all services.

Resource Types

This policy targets the following resource types:

AWS > Account

Policy Specification

Schema Type	`array`
Default template	`{% if $.trustedServices.value \| length == 0 %}[]{% else %}{% for item in $.trustedServices.value %}- '{{ item }}' {% endfor %}{% endif %}`
Default template input	`\| { trustedServices: policyValue(uri:"tmod:@turbot/aws#/policy/types/trustedServices") { value } }`

Schema Type

array

Default template

{% if $.trustedServices.value | length == 0 %}[]{% else %}{% for item in $.trustedServices.value %}- '{{ item }}'
{% endfor %}{% endif %}

Default template input

|
  {
    trustedServices: policyValue(uri:"tmod:@turbot/aws#/policy/types/trustedServices") {
      value
    }
  }

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/securityTrustedAccess

Policy Type URI

tmod:@turbot/aws-s3#/policy/types/s3PolicyTrustedServices

GraphQL

query policyType(id: "tmod:@turbot/aws-s3#/policy/types/s3PolicyTrustedServices") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-s3#/policy/types/s3PolicyTrustedServices'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-s3#/policy/types/s3PolicyTrustedServices'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-s3#/policy/types/s3PolicyTrustedServices"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-s3#/policy/types/s3PolicyTrustedServices"