resource_policy

Gets an individual resource_policy resource

Overview

Name	resource_policy
Type	Resource
Description	resource_policy
Id	awscc.cloudtrail.resource_policy

Fields

Name	Datatype	Description
resource_arn	string	The ARN of the AWS CloudTrail resource to which the policy applies.
resource_policy	object	A policy document containing permissions to add to the specified resource. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.
region	string	AWS region.

Methods

Currently only SELECT is supported for this resource resource.

Example

SELECT
region,
resource_arn,
resource_policy
FROM awscc.cloudtrail.resource_policy
WHERE data__Identifier = '<ResourceArn>';

Permissions

To operate on the resource_policy resource, the following permissions are required:

Read

CloudTrail:GetResourcePolicy

Update

CloudTrail:PutResourcePolicy,
CloudTrail:GetResourcePolicy

Delete

CloudTrail:DeleteResourcePolicy