Control types for @turbot/aws-apigateway

• AWS > API Gateway > API > Active
• AWS > API Gateway > API > Approved
• AWS > API Gateway > API > CMDB
• AWS > API Gateway > API > Discovery
• AWS > API Gateway > API > Tags
• AWS > API Gateway > API > Usage
• AWS > API Gateway > API Key > Active
• AWS > API Gateway > API Key > Approved
• AWS > API Gateway > API Key > CMDB
• AWS > API Gateway > API Key > Discovery
• AWS > API Gateway > API Key > Tags
• AWS > API Gateway > API Key > Usage
• AWS > API Gateway > API V2 > Active
• AWS > API Gateway > API V2 > Approved
• AWS > API Gateway > API V2 > CMDB
• AWS > API Gateway > API V2 > Discovery
• AWS > API Gateway > API V2 > Tags
• AWS > API Gateway > API V2 > Usage
• AWS > API Gateway > Authorizer > Active
• AWS > API Gateway > Authorizer > Approved
• AWS > API Gateway > Authorizer > CMDB
• AWS > API Gateway > Authorizer > Discovery
• AWS > API Gateway > Authorizer > Usage
• AWS > API Gateway > Authorizer V2 > Active
• AWS > API Gateway > Authorizer V2 > Approved
• AWS > API Gateway > Authorizer V2 > CMDB
• AWS > API Gateway > Authorizer V2 > Discovery
• AWS > API Gateway > Authorizer V2 > Usage
• AWS > API Gateway > Domain Name V2 > Active
• AWS > API Gateway > Domain Name V2 > Approved
• AWS > API Gateway > Domain Name V2 > CMDB
• AWS > API Gateway > Domain Name V2 > Discovery
• AWS > API Gateway > Domain Name V2 > Tags
• AWS > API Gateway > Domain Name V2 > Usage
• AWS > API Gateway > Integration V2 > Active
• AWS > API Gateway > Integration V2 > Approved
• AWS > API Gateway > Integration V2 > CMDB
• AWS > API Gateway > Integration V2 > Discovery
• AWS > API Gateway > Integration V2 > Usage
• AWS > API Gateway > Resource > Active
• AWS > API Gateway > Resource > Approved
• AWS > API Gateway > Resource > CMDB
• AWS > API Gateway > Resource > Discovery
• AWS > API Gateway > Resource > Usage
• AWS > API Gateway > Stage > Active
• AWS > API Gateway > Stage > Approved
• AWS > API Gateway > Stage > CMDB
• AWS > API Gateway > Stage > Discovery
• AWS > API Gateway > Stage > Tags
• AWS > API Gateway > Stage > Usage
• AWS > API Gateway > Stage v2 > Active
• AWS > API Gateway > Stage v2 > Approved
• AWS > API Gateway > Stage v2 > CMDB
• AWS > API Gateway > Stage v2 > Discovery
• AWS > API Gateway > Stage v2 > Tags
• AWS > API Gateway > Stage v2 > Usage
• AWS > API Gateway > Usage Plan > Active
• AWS > API Gateway > Usage Plan > Approved
• AWS > API Gateway > Usage Plan > CMDB
• AWS > API Gateway > Usage Plan > Discovery
• AWS > API Gateway > Usage Plan > Tags
• AWS > API Gateway > Usage Plan > Usage

AWS > API Gateway > API > Active

Take an action when an AWS API Gateway api is not active based on the
AWS > API Gateway > API > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > API > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > API > Approved

Take an action when an AWS API Gateway api is not approved based on AWS > API Gateway > API > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > API > CMDB

Record and synchronize details for the AWS API Gateway api into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > API > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > API > Discovery

Discover all AWS API Gateway api resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > API > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > API > Tags

Take an action when an AWS API Gateway api tags is not updated based on the AWS > API Gateway > API > Tags > * policies.

If the resource is not updated with the tags defined in AWS > API Gateway > API > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

AWS > API Gateway > API > Usage

The Usage control determines whether the number of AWS API Gateway api resources exceeds the configured usage limit for this region.

You can configure the behavior of this control with the AWS > API Gateway > API > Usage policy, and set the limit with the AWS > API Gateway > API > Usage > Limit policy.

AWS > API Gateway > API Key > Active

Take an action when an AWS API Gateway api key is not active based on the
AWS > API Gateway > API Key > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > API Key > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > API Key > Approved

Take an action when an AWS API Gateway api key is not approved based on AWS > API Gateway > API Key > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > API Key > CMDB

Record and synchronize details for the AWS API Gateway api key into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > API Key > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > API Key > Discovery

Discover all AWS API Gateway api key resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > API Key > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > API Key > Tags

Take an action when an AWS API Gateway api key tags is not updated based on the AWS > API Gateway > API Key > Tags > * policies.

If the resource is not updated with the tags defined in AWS > API Gateway > API Key > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

AWS > API Gateway > API Key > Usage

The Usage control determines whether the number of AWS API Gateway api key resources exceeds the configured usage limit for this region.

You can configure the behavior of this control with the AWS > API Gateway > API Key > Usage policy, and set the limit with the AWS > API Gateway > API Key > Usage > Limit policy.

AWS > API Gateway > API V2 > Active

Take an action when an AWS API Gateway api v2 is not active based on the
AWS > API Gateway > API V2 > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > API V2 > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > API V2 > Approved

Take an action when an AWS API Gateway api v2 is not approved based on AWS > API Gateway > API V2 > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > API V2 > CMDB

Record and synchronize details for the AWS API Gateway api v2 into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > API V2 > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > API V2 > Discovery

Discover all AWS API Gateway api v2 resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > API V2 > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > API V2 > Tags

Take an action when an AWS API Gateway api v2 tags is not updated based on the AWS > API Gateway > API V2 > Tags > * policies.

If the resource is not updated with the tags defined in AWS > API Gateway > API V2 > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

AWS > API Gateway > API V2 > Usage

The Usage control determines whether the number of AWS API Gateway api v2 resources exceeds the configured usage limit for this region.

You can configure the behavior of this control with the AWS > API Gateway > API V2 > Usage policy, and set the limit with the AWS > API Gateway > API V2 > Usage > Limit policy.

AWS > API Gateway > Authorizer > Active

Take an action when an AWS API Gateway authorizer is not active based on the
AWS > API Gateway > Authorizer > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Authorizer > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Authorizer > Approved

Take an action when an AWS API Gateway authorizer is not approved based on AWS > API Gateway > Authorizer > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Authorizer > CMDB

Record and synchronize details for the AWS API Gateway authorizer into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Authorizer > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Authorizer > Discovery

Discover all AWS API Gateway authorizer resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Authorizer > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Authorizer > Usage

The Usage control determines whether the number of AWS API Gateway authorizer resources exceeds the configured usage limit for this api.

You can configure the behavior of this control with the AWS > API Gateway > Authorizer > Usage policy, and set the limit with the AWS > API Gateway > Authorizer > Usage > Limit policy.

AWS > API Gateway > Authorizer V2 > Active

Take an action when an AWS API Gateway authorizer v2 is not active based on the
AWS > API Gateway > Authorizer V2 > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Authorizer V2 > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Authorizer V2 > Approved

Take an action when an AWS API Gateway authorizer v2 is not approved based on AWS > API Gateway > Authorizer V2 > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Authorizer V2 > CMDB

Record and synchronize details for the AWS API Gateway authorizer v2 into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Authorizer V2 > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Authorizer V2 > Discovery

Discover all AWS API Gateway authorizer v2 resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Authorizer V2 > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Authorizer V2 > Usage

The Usage control determines whether the number of AWS API Gateway authorizer v2 resources exceeds the configured usage limit for this apiV2.

You can configure the behavior of this control with the AWS > API Gateway > Authorizer V2 > Usage policy, and set the limit with the AWS > API Gateway > Authorizer V2 > Usage > Limit policy.

AWS > API Gateway > Domain Name V2 > Active

Take an action when an AWS API Gateway domain name v2 is not active based on the
AWS > API Gateway > Domain Name V2 > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Domain Name V2 > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Domain Name V2 > Approved

Take an action when an AWS API Gateway domain name v2 is not approved based on AWS > API Gateway > Domain Name V2 > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Domain Name V2 > CMDB

Record and synchronize details for the AWS API Gateway domain name v2 into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Domain Name V2 > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Domain Name V2 > Discovery

Discover all AWS API Gateway domain name v2 resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Domain Name V2 > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Domain Name V2 > Tags

Take an action when an AWS API Gateway domain name v2 tags is not updated based on the AWS > API Gateway > Domain Name V2 > Tags > * policies.

If the resource is not updated with the tags defined in AWS > API Gateway > Domain Name V2 > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

AWS > API Gateway > Domain Name V2 > Usage

The Usage control determines whether the number of AWS API Gateway domain name v2 resources exceeds the configured usage limit for this region.

You can configure the behavior of this control with the AWS > API Gateway > Domain Name V2 > Usage policy, and set the limit with the AWS > API Gateway > Domain Name V2 > Usage > Limit policy.

AWS > API Gateway > Integration V2 > Active

Take an action when an AWS API Gateway integration v2 is not active based on the
AWS > API Gateway > Integration V2 > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Integration V2 > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Integration V2 > Approved

Take an action when an AWS API Gateway integration v2 is not approved based on AWS > API Gateway > Integration V2 > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Integration V2 > CMDB

Record and synchronize details for the AWS API Gateway integration v2 into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Integration V2 > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Integration V2 > Discovery

Discover all AWS API Gateway integration v2 resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Integration V2 > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Integration V2 > Usage

The Usage control determines whether the number of AWS API Gateway integration v2 resources exceeds the configured usage limit for this region.

You can configure the behavior of this control with the AWS > API Gateway > Integration V2 > Usage policy, and set the limit with the AWS > API Gateway > Integration V2 > Usage > Limit policy.

AWS > API Gateway > Resource > Active

Take an action when an AWS API Gateway resource is not active based on the
AWS > API Gateway > Resource > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Resource > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Resource > Approved

Take an action when an AWS API Gateway resource is not approved based on AWS > API Gateway > Resource > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Resource > CMDB

Record and synchronize details for the AWS API Gateway resource into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Resource > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Resource > Discovery

Discover all AWS API Gateway resource resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Resource > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Resource > Usage

The Usage control determines whether the number of AWS API Gateway resource resources exceeds the configured usage limit for this region.

You can configure the behavior of this control with the AWS > API Gateway > Resource > Usage policy, and set the limit with the AWS > API Gateway > Resource > Usage > Limit policy.

AWS > API Gateway > Stage > Active

Take an action when an AWS API Gateway stage is not active based on the
AWS > API Gateway > Stage > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Stage > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Stage > Approved

Take an action when an AWS API Gateway stage is not approved based on AWS > API Gateway > Stage > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Stage > CMDB

Record and synchronize details for the AWS API Gateway stage into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Stage > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Stage > Discovery

Discover all AWS API Gateway stage resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Stage > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Stage > Tags

Take an action when an AWS API Gateway stage tags is not updated based on the AWS > API Gateway > Stage > Tags > * policies.

If the resource is not updated with the tags defined in AWS > API Gateway > Stage > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

AWS > API Gateway > Stage > Usage

The Usage control determines whether the number of AWS API Gateway stage resources exceeds the configured usage limit for this api.

You can configure the behavior of this control with the AWS > API Gateway > Stage > Usage policy, and set the limit with the AWS > API Gateway > Stage > Usage > Limit policy.

AWS > API Gateway > Stage v2 > Active

Take an action when an AWS API Gateway stage v2 is not active based on the
AWS > API Gateway > Stage v2 > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Stage v2 > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Stage v2 > Approved

Take an action when an AWS API Gateway stage v2 is not approved based on AWS > API Gateway > Stage v2 > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Stage v2 > CMDB

Record and synchronize details for the AWS API Gateway stage v2 into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Stage v2 > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Stage v2 > Discovery

Discover all AWS API Gateway stage v2 resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Stage v2 > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Stage v2 > Tags

Take an action when an AWS API Gateway stage v2 tags is not updated based on the AWS > API Gateway > Stage v2 > Tags > * policies.

If the resource is not updated with the tags defined in AWS > API Gateway > Stage v2 > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

AWS > API Gateway > Stage v2 > Usage

The Usage control determines whether the number of AWS API Gateway stage v2 resources exceeds the configured usage limit for this apiV2.

You can configure the behavior of this control with the AWS > API Gateway > Stage v2 > Usage policy, and set the limit with the AWS > API Gateway > Stage v2 > Usage > Limit policy.

AWS > API Gateway > Usage Plan > Active

Take an action when an AWS API Gateway usage plan is not active based on the
AWS > API Gateway > Usage Plan > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (AWS > API Gateway > Usage Plan > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note the contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

AWS > API Gateway > Usage Plan > Approved

Take an action when an AWS API Gateway usage plan is not approved based on AWS > API Gateway > Usage Plan > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

AWS > API Gateway > Usage Plan > CMDB

Record and synchronize details for the AWS API Gateway usage plan into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > API Gateway > Usage Plan > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

AWS > API Gateway > Usage Plan > Discovery

Discover all AWS API Gateway usage plan resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in AWS > API Gateway > Usage Plan > Regions policy, the CMDB control will delete the resource from the CMDB.

AWS > API Gateway > Usage Plan > Tags

Take an action when an AWS API Gateway usage plan tags is not updated based on the AWS > API Gateway > Usage Plan > Tags > * policies.

If the resource is not updated with the tags defined in AWS > API Gateway > Usage Plan > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

AWS > API Gateway > Usage Plan > Usage

The Usage control determines whether the number of AWS API Gateway usage plan resources exceeds the configured usage limit for this region.

You can configure the behavior of this control with the AWS > API Gateway > Usage Plan > Usage policy, and set the limit with the AWS > API Gateway > Usage Plan > Usage > Limit policy.