enabled_control

Gets an individual enabled_control resource

Overview

Name	`enabled_control`
Type	Resource
Description	enabled_control
Id	`awscc.controltower.enabled_control`

Fields

Name	Datatype	Description
`control_identifier`	`string`	Arn of the control.
`target_identifier`	`string`	Arn for Organizational unit to which the control needs to be applied
`parameters`	`array`	Parameters to configure the enabled control behavior.
`tags`	`array`	A set of tags to assign to the enabled control.
`region`	`string`	AWS region.

Methods

Currently only SELECT is supported for this resource resource.

Example

SELECT
region,
control_identifier,
target_identifier,
parameters,
tags
FROM awscc.controltower.enabled_control
WHERE data__Identifier = '<TargetIdentifier>|<ControlIdentifier>';

Permissions

To operate on the enabled_control resource, the following permissions are required:

Update

controltower:ListEnabledControls,
controltower:GetEnabledControl,
controltower:GetControlOperation,
controltower:UpdateEnabledControl,
controltower:UntagResource,
controltower:TagResource,
organizations:UpdatePolicy,
organizations:CreatePolicy,
organizations:AttachPolicy,
organizations:DetachPolicy,
organizations:ListPoliciesForTarget,
organizations:ListTargetsForPolicy,
organizations:DescribePolicy

Delete

controltower:GetControlOperation,
controltower:DisableControl,
organizations:UpdatePolicy,
organizations:DeletePolicy,
organizations:CreatePolicy,
organizations:AttachPolicy,
organizations:DetachPolicy,
organizations:ListPoliciesForTarget,
organizations:ListTargetsForPolicy,
organizations:DescribePolicy

Read

controltower:ListEnabledControls,
controltower:GetEnabledControl,
controltower:ListTagsForResource

Overview​

Fields​

Methods​

Example​

Permissions​

Update​

Delete​

Read​

Overview

Fields

Methods

Example

Permissions

Update

Delete

Read