🧠 AWS IAM User has more than one active SSH public key - prod.logic.yaml🟢

• Contextual name: 🧠 prod.logic.yaml🟢
• ID: /ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/prod.logic.yaml
• Tags:
  • 🟢 Logic test success
  • 🟢 Logic with extracts
  • 🟢 Logic with test data

Uses

• 📗 AWS IAM User
• 🔌 AWS IAM SSH Public Key - object.extracts.yaml
• 🧪 test-data.json

Test Results 🟢

Generated at: 2025-12-27T12:02:03.897593573Z Open

Result	Id	Condition Index	Condition Text	Runtime Error
🟢	001	✔️ 199	✔️ CA10__AWS_IAM_SSH_Public_Keys__r.count(COMPLIANT) == number(0.0)	✔️ null
🟢	002	✔️ 199	✔️ CA10__AWS_IAM_SSH_Public_Keys__r.count(COMPLIANT) == number(0.0)	✔️ null
🟢	003	✔️ 299	✔️ CA10__AWS_IAM_SSH_Public_Keys__r.count(COMPLIANT) > number(1.0)	✔️ null
🟢	004	✔️ 300	✔️ otherwise	✔️ null
🟢	005	✔️ 300	✔️ otherwise	✔️ null

Generation Bundle

	File	MD5
Open	/ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/policy.yaml	E4E99D285C3A836A2E99367650F98B20
Open	/ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/prod.logic.yaml	E0362808A9025EB0A51DEDB29EA02074
Open	/ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/test-data.json	69DA588430148D3DCA14B6701AB1B9EF
Open	/types/CA10__CaAwsIamSshPublicKey__c/object.extracts.yaml	484B2472B77AA746367697E1C8DF1B3B

Available Commands

repo-manager policies generate FULL /ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/aws/iam/user-has-more-than-one-active-ssh-public-key/prod.logic.yaml

Content

Open File

---
inputType: "CA10__CaAwsUser__c"
testData:
  - file: test-data.json
conditions:
  - status: "INAPPLICABLE"
    currentStateMessage: "The user doesn't have active SSH Public keys."
    check:
      IS_EQUAL:
        left:
          RELATED_LIST_COUNT:
            status: "COMPLIANT"
            relationshipName: "CA10__AWS_IAM_SSH_Public_Keys__r"
        right:
          NUMBER: 0.0
  - status: "INCOMPLIANT"
    currentStateMessage: "The user has more than one active SSH public key."
    remediationMessage: "Deactivate or remove the extra active SSH public keys."
    check:
      GREATER_THAN:
        left:
          RELATED_LIST_COUNT:
            status: "COMPLIANT"
            relationshipName: "CA10__AWS_IAM_SSH_Public_Keys__r"
        right:
          NUMBER: 1.0
otherwise:
  status:  "COMPLIANT"
  currentStateMessage: "This IAM user has only one active SSH Public key."
relatedLists:
  - relationshipName: "CA10__AWS_IAM_SSH_Public_Keys__r"
    importExtracts:
      - file: /types/CA10__CaAwsIamSshPublicKey__c/object.extracts.yaml
    conditions:
      - status: "COMPLIANT"
        currentStateMessage: "This is an active SSH public key."
        check:
          IS_EQUAL:
            left:
              EXTRACT: "CA10__status__c"
            right:
              TEXT: "Active"
    otherwise:
      status: "INCOMPLIANT"
      currentStateMessage: "This SSH public key is inactive."