-
We are managing lot of AWS accounts that have identical IAM role names. In the onelogin portal for the AWS app, the listing of AWS roles we have access include the Account Number, but also the ALIAS…
-
The announcement of IAM Access Analyzer on the 2nd December sees the introduction of a capability that mathematically analyzes access control policies attached to resources (S3, IAM Role, Lambda, KM…
-
This might be similar to #436, where upstream changes haven't been synced yet - listing it here in case it is some sort of a special case.
https://docs.aws.amazon.com/accounts/latest/reference/API_…
-
### Community Note
* Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help…
-
**Describe the bug**
LZA has OU in organization-config that is set with ignored=true. Security services (Security Hub and GuardDuty) are also enabled in security-config but is expectation is that the…
-
## Allow CodePipeline to deploy SERVICE_MANAGED StackSets in non-root accounts via Delegated Administrator
## Scope of request
CloudFormation recently added support do deploy StackSets via Delega…
-
### Describe the bug
The `pipelines` module in the `CodePipeline` construct, when setup to be self-mutating, takes any `primary_output_directory` property defined for the synth `ShellStep` as well as…
-
It appears the account ID used in this attack (193672423079) is used by AWS for RedShift logs. Some tools use lists like the one from Cloudmapper (https://github.com/duo-labs/cloudmapper/blob/main/ve…
m4wk updated
9 months ago
-
**Describe the bug**
C7n-org generates errors when the AWS service doesn't exist:
**"2020-05-04 14:24:45,835: c7n_org:ERROR Exception running policy:fsx-delete-non-compliant account:sandbox region…
-
Currently `audit_events_uri` does not support an Amazon Resource Name (ARN) of a DynamoDB table as a directive.
Teleport passes a table name as such:
`audit_events_uri: ['file:///var/lib/telep…