Policy: AWS > Shield > Enabled
Configure whether the AWS Shield service is enabled. This will only affect Guardrails managed User Roles and will allow the Guardrails managed user to access AWS Shield service. - Enabled
policy allows Guardrails managed users to perform all the actions for the service - Enabled: Metadata Only
policy allows Guardrails managed users to perform only the metadata level actions for the service (like describe*
, list*
)
Note: - Disabled
policy disables the service but does NOT disable the API for Guardrails or SuperUsers - All the resource data stored in the Guardrails CMDB is considered to be metadata - For more information related to permissions and grant levels, please check the documentation
Resource Types
This policy targets the following resource types:
Policy Specification
Schema Type |
|
---|---|
Default |
|
Valid Values [YAML] |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/iamPermissions
- tmod:@turbot/aws-shield#/policy/types/shieldEnabled
- turbot graphql policy-type --id "tmod:@turbot/aws-shield#/policy/types/shieldEnabled"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-shield#/policy/types/shieldEnabled"
Get Policy TypeGet Policy Settings