enabled_controls

Retrieves a list of enabled_controls in a region

Overview

Name	`enabled_controls`
Type	Resource
Description	enabled_controls
Id	`awscc.controltower.enabled_controls`

Fields

Name	Datatype	Description
`target_identifier`	`string`	Arn for Organizational unit to which the control needs to be applied
`control_identifier`	`string`	Arn of the control.
`region`	`string`	AWS region.

Methods

Currently only SELECT is supported for this resource resource.

Example

SELECT
region,
target_identifier,
control_identifier
FROM awscc.controltower.enabled_controls
WHERE region = 'us-east-1'

Permissions

To operate on the enabled_controls resource, the following permissions are required:

Create

controltower:ListEnabledControls,
controltower:GetEnabledControl,
controltower:GetControlOperation,
controltower:EnableControl,
controltower:TagResource,
organizations:UpdatePolicy,
organizations:CreatePolicy,
organizations:AttachPolicy,
organizations:DetachPolicy,
organizations:ListPoliciesForTarget,
organizations:ListTargetsForPolicy,
organizations:DescribePolicy

List

controltower:ListEnabledControls

Overview​

Fields​

Methods​

Example​

Permissions​

Create​

List​