Skip to main content

πŸ”Œ AWS IAM Policy - object.extracts.yaml

  • Contextual name: πŸ”Œ object.extracts.yaml
  • ID: /types/CA10__CaAwsIamPolicy__c/object.extracts.yaml
  • Located in: πŸ“• AWS IAM Policy

Used In​

LogicPolicyFlags
🧠 prod.logic.yaml πŸŸ’πŸ“ AWS IAM AWSCloudShellFullAccess Policy is attached 🟒🟒 x3
🧠 prod.logic.yaml πŸŸ’πŸ“ AWS IAM Policy allows full administrative privileges 🟒🟒 x3
🧠 prod.logic.yaml πŸŸ’πŸ“ AWS Support Role is not created 🟒🟒 x3

Content​

Open File

# yaml-language-server: $schema=../../schema/Extracts.schema.json
---
extracts:
# Not Nullable. Can't have no Access, retrieved via iam:ListPolicies
- name: "CA10__name__c"
  value: 
    FIELD:
      path: "CA10__name__c"
      undeterminedIf:
        isEmpty: "Corrupted data. Policy Name cannot be empty."
# Checkbox. Can't have no Access, retrieved via iam:ListPolicies
- name: "CA10__attachable__c"
  value: 
    FIELD:
      path: "CA10__attachable__c"
- name: "CA10__attachmentCount__c"
  value: 
    FIELD:
      path: "CA10__attachmentCount__c"
- name: "CA10__policyDocument__c"
  value: 
    FIELD:
      path: CA10__policyDocument__c
      returnType: BYTES
      undeterminedIf:
        noAccessDelegate:
          path: "CA10__policyDocument__c"
          currentStateMessage: "Unable to determine the Policy Document. Possible permission issue with iam:GetPolicyVersion"
- name: "caJsonFrom_policyDocument__c"
  value:
    JSON_FROM:
      arg:
        EXTRACT: "CA10__policyDocument__c"
      undeterminedIf:
        isInvalid: "IAM policy document JSON is invalid"
# Not Nullable. Can't have no Access, retrieved via iam:ListPolicies
- name: "CA10__arn__c"
  value: 
    FIELD:
      path: CA10__arn__c
      undeterminedIf:
        isEmpty: "Corrupted data. Policy ARN cannot be empty."