Policy: AWS > S3 > Multi-Region Access Point > Approved

Determine the action to take when an AWS S3 multi-region access point is not approved based on AWS > S3 > Multi-Region Access Point > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Resource Types

This policy targets the following resource types:

AWS > S3 > Multi-Region Access Point

Controls

AWS > S3 > Multi-Region Access Point > Approved

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Approved` `Enforce: Delete unapproved if new`
Examples [YAML]	`Check: Approved`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/resourceApproved

Policy Type URI

tmod:@turbot/aws-s3multiregionaccesspoint#/policy/types/multiregionAccessPointApproved

GraphQL

query policyType(id: "tmod:@turbot/aws-s3multiregionaccesspoint#/policy/types/multiregionAccessPointApproved") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-s3multiregionaccesspoint#/policy/types/multiregionAccessPointApproved'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-s3multiregionaccesspoint#/policy/types/multiregionAccessPointApproved'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-s3multiregionaccesspoint#/policy/types/multiregionAccessPointApproved"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-s3multiregionaccesspoint#/policy/types/multiregionAccessPointApproved"