aws.event-rule-target

Filters

cross-account

Check a resource’s embedded IAM policy for cross-account access.

Supports a whitelist_patterns option to skip principals whose identifier matches any of the provided fnmatch patterns. This is useful for ignoring unique identifiers left behind by deleted IAM principals (e.g. AIDA* for deleted IAM users, AROA* for deleted IAM roles) which AWS substitutes into resource policies when the original principal is removed. See IAM unique identifiers for the full list of prefixes.

- type: cross-account
  whitelist_patterns:
    - "AIDA*"
    - "AROA*"

properties:
  type:
    enum:
    - cross-account
  whitelist:
    items:
      type: string
    type: array
  whitelist_from:
    additionalProperties: 'False'
    properties:
      expr:
        oneOf:
        - type: integer
        - type: string
      format:
        enum:
        - csv
        - json
        - txt
        - csv2dict
      headers:
        patternProperties:
          ? ''
          : type: string
        type: object
      query:
        type: string
      url:
        type: string
    required:
    - url
    type: object
required:
- type

Permissions - events:ListTargetsByRule
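
The effect of whitelist_patterns described above, as an added Python example (not Cloud Custodian's own code and not from this page): it lists the principals in a resource policy that fall outside a set of allowed accounts, skipping identifiers that match the fnmatch patterns. The function names, the allowed_accounts parameter and the sample policy are assumptions made for illustration.

```python
import fnmatch
import json

# Illustrative helpers, not Cloud Custodian APIs.
# Constructed sample policy; account IDs and unique IDs are made up.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "events:PutEvents", "Resource": "*",
     "Principal": {"AWS": "arn:aws:iam::111111111111:root"}},
    {"Effect": "Allow", "Action": "events:PutEvents", "Resource": "*",
     "Principal": {"AWS": ["arn:aws:iam::222222222222:role/partner",
                           "AROAEXAMPLEDELETEDROLE"]}},
    {"Effect": "Allow", "Action": "events:PutEvents", "Resource": "*",
     "Principal": {"AWS": "AIDAEXAMPLEDELETEDUSER"}},
]})


def principals(statement):
    """Return the statement's AWS principals as a list (string or list form)."""
    principal = statement.get("Principal", {})
    if isinstance(principal, str):  # e.g. "Principal": "*"
        return [principal]
    aws = principal.get("AWS", [])
    return [aws] if isinstance(aws, str) else list(aws)


def account_of(principal):
    """Account ID from an ARN or bare 12-digit ID; None for anything else."""
    if principal.startswith("arn:"):
        parts = principal.split(":")
        return parts[4] if len(parts) > 5 else None
    return principal if len(principal) == 12 and principal.isdigit() else None


def cross_account_principals(policy_json, allowed_accounts, whitelist_patterns=()):
    """List principals in Allow statements that fall outside allowed_accounts."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    flagged = []
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        for p in principals(stmt):
            # fnmatchcase keeps matching case-sensitive on every platform
            if any(fnmatch.fnmatchcase(p, pat) for pat in whitelist_patterns):
                continue  # e.g. leftover ID of a deleted user or role
            if account_of(p) not in allowed_accounts:
                flagged.append(p)
    return flagged
```

Because an fnmatch pattern must match the whole identifier, "AROA*" skips a bare unique ID but not an ARN, so a live external role is still reported. A catch-all pattern such as "*" would skip every principal, wildcard grants included.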

Actions

delete

Parent base class for filters and actions.

properties:
  force:
    type: boolean
  type:
    enum:
    - delete
required:
- type

Permissions - events:RemoveTargets