Policy Packs

guardrails-samples

azure_iam_role_definition_approved

Determine the action to take when an Azure IAM role definition is not approved based on `Azure &gt; IAM &gt; Role Definition &gt; Approved &gt; *` policies.&#92;n&#92;nThe Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.&#92;n&#92;nFor any enforcement actions that specify `if new`, e.g., `Enforce: Delete unapproved if new`, this control will only take the enforcement actions for resources created within the last 60 minutes.&#92;n&#92;nSee [Approved](https://turbot.com/guardrails/docs/concepts/guardrails/approved) for more information.&#92;n

roleDefinitionApproved

Azure > IAM > Role Definition > Approved

turbot_policy_setting.azure_activedirectory_user_approved

Azure > Active Directory > User > Approved

turbot_policy_setting.azure_activedirectory_user_approved_custom

Azure > Active Directory > User > Approved > Custom

turbot_policy_setting.azure_iam_role_definition_approved

turbot_policy_setting.azure_iam_role_definition_approved_custom

Azure > IAM > Role Definition > Approved > Custom

Policy Setting: Azure > IAM > Role Definition > Approved

Policies

Source