aws.directory
Filters
is-log-forwarding
Parent base class for filters and actions.
Permissions - ds:ListLogSubscriptions
ldap
Filter directories based on their LDAP status
- example:
policies: - name: ldap-enabled-directories resource: directory filters: - type: ldap status: Disabled
Permissions - ds:DescribeLDAPSSettings
settings
Filter directories based on their settings
- example:
policies: - name: settings-enabled-directories resource: directory filters: - type: settings key: TLS_1_0 value: Enable
Permissions - ds:DescribeSettings
Actions
delete
Delete a directory.
- example:
policies:
- name: delete-directory
resource: aws.directory
filters:
- Name: test.example.com
actions:
- delete
Permissions - ds:DeleteDirectory