iam-inline-policy-blocked-kms-actions - AWS Config


iam-inline-policy-blocked-kms-actions

Checks that the inline policies attached to your IAM users, roles, and groups do not allow blocked actions on all AWS Key Management Service (KMS) keys. The rule is NON_COMPLIANT if any blocked action is allowed on all KMS keys in an inline policy.

Identifier: IAM_INLINE_POLICY_BLOCKED_KMS_ACTIONS

Trigger type: Configuration changes

AWS Region: All supported AWS regions

Parameters:

blockedActionsPatterns
Type: CSV

Comma-separated list of blocked KMS action patterns, for example, kms:*, kms:Decrypt, kms:ReEncrypt*.
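As an added example (not AWS's implementation of the rule), the following Python sketch approximates the check locally so an inline policy document can be reviewed against a `blockedActionsPatterns` value before deployment. The function names, the constructed sample policy, and the reading of "all KMS keys" as a `Resource` element containing `*` are assumptions; `NotAction` and `NotResource` are not evaluated.

```python
from fnmatch import fnmatchcase

# Constructed sample inline policy (account ID and key ID are placeholders).
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "DecryptAnyKey", "Effect": "Allow",
         "Action": ["kms:Decrypt", "kms:DescribeKey"], "Resource": "*"},
        {"Sid": "ReEncryptOneKey", "Effect": "Allow", "Action": "kms:ReEncryptFrom",
         "Resource": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
        {"Sid": "KmsAdmin", "Effect": "Allow", "Action": "kms:*", "Resource": ["*"]},
        {"Sid": "DenyDelete", "Effect": "Deny",
         "Action": "kms:ScheduleKeyDeletion", "Resource": "*"},
    ],
}

def _as_list(value):
    """IAM accepts a single string or a list for Action and Resource."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def _covers(policy_action, blocked_pattern):
    """True if either wildcard pattern matches the other (IAM actions are case-insensitive)."""
    a, b = policy_action.lower(), blocked_pattern.lower()
    return fnmatchcase(a, b) or fnmatchcase(b, a)

def blocked_kms_findings(policy_document, blocked_patterns_csv):
    """Return sorted (Sid, action) pairs where an Allow statement grants a blocked action on "*"."""
    blocked = [p.strip() for p in blocked_patterns_csv.split(",") if p.strip()]
    statements = policy_document.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    findings = set()
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        # Assumption: "all KMS keys" means the Resource element contains "*".
        if "*" not in _as_list(stmt.get("Resource")):
            continue
        for action in _as_list(stmt.get("Action")):
            if any(_covers(action, pattern) for pattern in blocked):
                findings.add((stmt.get("Sid", f"statement-{index}"), action))
    return sorted(findings)

if __name__ == "__main__":
    for sid, action in blocked_kms_findings(SAMPLE_POLICY, "kms:Decrypt, kms:ReEncrypt*"):
        print(f"NON_COMPLIANT: {sid} allows {action} on all keys")
```

A non-empty result corresponds to the NON_COMPLIANT condition described above; statements scoped to a specific key ARN, such as `ReEncryptOneKey`, are not reported.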

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.