Control types for @turbot/aws-vpc-internet
- AWS > VPC > Egress Only Internet Gateway > Active
- AWS > VPC > Egress Only Internet Gateway > Approved
- AWS > VPC > Egress Only Internet Gateway > CMDB
- AWS > VPC > Egress Only Internet Gateway > Configured
- AWS > VPC > Egress Only Internet Gateway > Discovery
- AWS > VPC > Egress Only Internet Gateway > Tags
- AWS > VPC > Egress Only Internet Gateway > Usage
- AWS > VPC > Elastic IP > Active
- AWS > VPC > Elastic IP > Approved
- AWS > VPC > Elastic IP > CMDB
- AWS > VPC > Elastic IP > Configured
- AWS > VPC > Elastic IP > Discovery
- AWS > VPC > Elastic IP > Tags
- AWS > VPC > Elastic IP > Usage
- AWS > VPC > Endpoint > Active
- AWS > VPC > Endpoint > Approved
- AWS > VPC > Endpoint > CMDB
- AWS > VPC > Endpoint > Configured
- AWS > VPC > Endpoint > Discovery
- AWS > VPC > Endpoint > Policy
- AWS > VPC > Endpoint > Policy > Trusted Access
- AWS > VPC > Endpoint > Tags
- AWS > VPC > Endpoint > Usage
- AWS > VPC > Endpoint Service > Active
- AWS > VPC > Endpoint Service > Approved
- AWS > VPC > Endpoint Service > CMDB
- AWS > VPC > Endpoint Service > Configured
- AWS > VPC > Endpoint Service > Discovery
- AWS > VPC > Endpoint Service > Tags
- AWS > VPC > Endpoint Service > Usage
- AWS > VPC > Internet Gateway > Active
- AWS > VPC > Internet Gateway > Approved
- AWS > VPC > Internet Gateway > CMDB
- AWS > VPC > Internet Gateway > Configured
- AWS > VPC > Internet Gateway > Discovery
- AWS > VPC > Internet Gateway > Tags
- AWS > VPC > Internet Gateway > Usage
- AWS > VPC > NAT Gateway > Active
- AWS > VPC > NAT Gateway > Approved
- AWS > VPC > NAT Gateway > CMDB
- AWS > VPC > NAT Gateway > Configured
- AWS > VPC > NAT Gateway > Discovery
- AWS > VPC > NAT Gateway > Tags
- AWS > VPC > NAT Gateway > Usage
AWS > VPC > Egress Only Internet Gateway > Active
Take an action when an AWS VPC egress only internet gateway is not active based on the AWS > VPC > Egress Only Internet Gateway > Active > * policies.
The Active control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.
The Active control checks the status of all defined Active policies for the resource (AWS > VPC > Egress Only Internet Gateway > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active.
Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.
See Active for more information.
AWS > VPC > Egress Only Internet Gateway > Approved
Take an action when an AWS VPC egress only internet gateway is not approved based on AWS > VPC > Egress Only Internet Gateway > Approved > * policies.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify "if new", e.g., "Enforce: Delete unapproved if new", this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
AWS > VPC > Egress Only Internet Gateway > CMDB
Record and synchronize details for the AWS VPC egress only internet gateway into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.
To clean up resources and stop tracking changes, set this policy to "Enforce: Disabled".
CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Egress Only Internet Gateway > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)
AWS > VPC > Egress Only Internet Gateway > Configured
Maintain AWS > VPC > Egress Only Internet Gateway configuration.
Note: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored and are inherited from the stack that owns it.
AWS > VPC > Egress Only Internet Gateway > Discovery
Discover all AWS VPC egress only internet gateway resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Egress Only Internet Gateway > Regions policy, the CMDB control will delete the resource from the CMDB.
AWS > VPC > Egress Only Internet Gateway > Tags
Take an action when the tags on an AWS VPC egress only internet gateway are not updated based on the AWS > VPC > Egress Only Internet Gateway > Tags > * policies.
If the resource is not updated with the tags defined in AWS > VPC > Egress Only Internet Gateway > Tags > Template, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
AWS > VPC > Egress Only Internet Gateway > Usage
The Usage control determines whether the number of AWS VPC egress only internet gateway resources exceeds the configured usage limit for this region.
You can configure the behavior of this control with the AWS > VPC > Egress Only Internet Gateway > Usage policy, and set the limit with the AWS > VPC > Egress Only Internet Gateway > Usage > Limit policy.
AWS > VPC > Elastic IP > Active
Take an action when an AWS VPC elastic ip is not active based on the AWS > VPC > Elastic IP > Active > * policies.
The Active control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.
The Active control checks the status of all defined Active policies for the resource (AWS > VPC > Elastic IP > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active.
Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.
See Active for more information.
AWS > VPC > Elastic IP > Approved
Take an action when an AWS VPC elastic ip is not approved based on AWS > VPC > Elastic IP > Approved > * policies.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify "if new", e.g., "Enforce: Delete unapproved if new", this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
AWS > VPC > Elastic IP > CMDB
Record and synchronize details for the AWS VPC elastic ip into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.
To clean up resources and stop tracking changes, set this policy to "Enforce: Disabled".
CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Elastic IP > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)
AWS > VPC > Elastic IP > Configured
Maintain AWS > VPC > Elastic IP configuration.
Note: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored and are inherited from the stack that owns it.
AWS > VPC > Elastic IP > Discovery
Discover all AWS VPC elastic ip resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Elastic IP > Regions policy, the CMDB control will delete the resource from the CMDB.
AWS > VPC > Elastic IP > Tags
Take an action when the tags on an AWS VPC elastic ip are not updated based on the AWS > VPC > Elastic IP > Tags > * policies.
If the resource is not updated with the tags defined in AWS > VPC > Elastic IP > Tags > Template, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
AWS > VPC > Elastic IP > Usage
The Usage control determines whether the number of AWS VPC elastic ip resources exceeds the configured usage limit for this region.
You can configure the behavior of this control with the AWS > VPC > Elastic IP > Usage policy, and set the limit with the AWS > VPC > Elastic IP > Usage > Limit policy.
AWS > VPC > Endpoint > Active
Take an action when an AWS VPC endpoint is not active based on the AWS > VPC > Endpoint > Active > * policies.
The Active control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.
The Active control checks the status of all defined Active policies for the resource (AWS > VPC > Endpoint > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active.
Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.
See Active for more information.
AWS > VPC > Endpoint > Approved
Take an action when an AWS VPC endpoint is not approved based on AWS > VPC > Endpoint > Approved > * policies.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify "if new", e.g., "Enforce: Delete unapproved if new", this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
AWS > VPC > Endpoint > CMDB
Record and synchronize details for the AWS VPC endpoint into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.
To clean up resources and stop tracking changes, set this policy to "Enforce: Disabled".
CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Endpoint > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)
AWS > VPC > Endpoint > Configured
Maintain AWS > VPC > Endpoint configuration.
Note: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored and are inherited from the stack that owns it.
AWS > VPC > Endpoint > Discovery
Discover all AWS VPC endpoint resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Endpoint > Regions policy, the CMDB control will delete the resource from the CMDB.
AWS > VPC > Endpoint > Policy
AWS > VPC > Endpoint > Policy > Trusted Access
Take an action when AWS VPC endpoint policy is not trusted based on the AWS > VPC > Endpoint > Policy > Trusted Access > * policies.
The Trusted Access control evaluates the endpoint policy against the list of allowed members in each of the Trusted Access sub-policies (Trusted Access > Accounts, Trusted Access > Services, etc.), raises an alarm, and takes the defined enforcement action.
If set to "Enforce: Revoke untrusted access", access to non-trusted members will be removed.
AWS > VPC > Endpoint > Tags
Take an action when the tags on an AWS VPC endpoint are not updated based on the AWS > VPC > Endpoint > Tags > * policies.
If the resource is not updated with the tags defined in AWS > VPC > Endpoint > Tags > Template, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
AWS > VPC > Endpoint > Usage
The Usage control determines whether the number of AWS VPC endpoint resources exceeds the configured usage limit for this region.
You can configure the behavior of this control with the AWS > VPC > Endpoint > Usage policy, and set the limit with the AWS > VPC > Endpoint > Usage > Limit policy.
AWS > VPC > Endpoint Service > Active
Take an action when an AWS VPC endpoint service is not active based on the AWS > VPC > Endpoint Service > Active > * policies.
The Active control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.
The Active control checks the status of all defined Active policies for the resource (AWS > VPC > Endpoint Service > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active.
Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.
See Active for more information.
AWS > VPC > Endpoint Service > Approved
Take an action when an AWS VPC endpoint service is not approved based on AWS > VPC > Endpoint Service > Approved > * policies.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify "if new", e.g., "Enforce: Delete unapproved if new", this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
AWS > VPC > Endpoint Service > CMDB
Record and synchronize details for the AWS VPC endpoint service into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.
To clean up resources and stop tracking changes, set this policy to "Enforce: Disabled".
CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Endpoint Service > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)
AWS > VPC > Endpoint Service > Configured
Maintain AWS > VPC > Endpoint Service configuration.
Note: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored and are inherited from the stack that owns it.
AWS > VPC > Endpoint Service > Discovery
Discover all AWS VPC endpoint service resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Endpoint Service > Regions policy, the CMDB control will delete the resource from the CMDB.
AWS > VPC > Endpoint Service > Tags
Take an action when the tags on an AWS VPC endpoint service are not updated based on the AWS > VPC > Endpoint Service > Tags > * policies.
If the resource is not updated with the tags defined in AWS > VPC > Endpoint Service > Tags > Template, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
AWS > VPC > Endpoint Service > Usage
The Usage control determines whether the number of AWS VPC endpoint service resources exceeds the configured usage limit for this region.
You can configure the behavior of this control with the AWS > VPC > Endpoint Service > Usage policy, and set the limit with the AWS > VPC > Endpoint Service > Usage > Limit policy.
AWS > VPC > Internet Gateway > Active
Take an action when an AWS VPC internet gateway is not active based on the AWS > VPC > Internet Gateway > Active > * policies.
The Active control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.
The Active control checks the status of all defined Active policies for the resource (AWS > VPC > Internet Gateway > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active.
Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.
See Active for more information.
AWS > VPC > Internet Gateway > Approved
Take an action when an AWS VPC internet gateway is not approved based on AWS > VPC > Internet Gateway > Approved > * policies.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify "if new", e.g., "Enforce: Delete unapproved if new", this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
AWS > VPC > Internet Gateway > CMDB
Record and synchronize details for the AWS VPC internet gateway into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.
To clean up resources and stop tracking changes, set this policy to "Enforce: Disabled".
CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Internet Gateway > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)
AWS > VPC > Internet Gateway > Configured
Maintain AWS > VPC > Internet Gateway configuration.
Note: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored and are inherited from the stack that owns it.
AWS > VPC > Internet Gateway > Discovery
Discover all AWS VPC internet gateway resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > Internet Gateway > Regions policy, the CMDB control will delete the resource from the CMDB.
AWS > VPC > Internet Gateway > Tags
Take an action when the tags on an AWS VPC internet gateway are not updated based on the AWS > VPC > Internet Gateway > Tags > * policies.
If the resource is not updated with the tags defined in AWS > VPC > Internet Gateway > Tags > Template, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
AWS > VPC > Internet Gateway > Usage
The Usage control determines whether the number of AWS VPC internet gateway resources exceeds the configured usage limit for this region.
You can configure the behavior of this control with the AWS > VPC > Internet Gateway > Usage policy, and set the limit with the AWS > VPC > Internet Gateway > Usage > Limit policy.
AWS > VPC > NAT Gateway > Active
Take an action when an AWS VPC nat gateway is not active based on the AWS > VPC > NAT Gateway > Active > * policies.
The Active control determines whether the resource is in active use, and if not, has the ability to delete / cleanup the resource. When running an automated compliance environment, it's common to end up with a wide range of alarms that are difficult and time consuming to clear. The Active control brings automated, well-defined control to this process.
The Active control checks the status of all defined Active policies for the resource (AWS > VPC > NAT Gateway > Active > *), raises an alarm, and takes the defined enforcement action. Each Active sub-policy can calculate a status of active, inactive or skipped. Generally, if the resource appears to be Active for any reason it will be considered Active.
Note the contrast with Approved, where if the resource appears to be Unapproved for any reason it will be considered Unapproved.
See Active for more information.
AWS > VPC > NAT Gateway > Approved
Take an action when an AWS VPC nat gateway is not approved based on AWS > VPC > NAT Gateway > Approved > * policies.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify "if new", e.g., "Enforce: Delete unapproved if new", this control will only take the enforcement actions for resources created within the last 60 minutes.
See Approved for more information.
AWS > VPC > NAT Gateway > CMDB
Record and synchronize details for the AWS VPC nat gateway into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Turbot CMDB.
If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.
To clean up resources and stop tracking changes, set this policy to "Enforce: Disabled".
CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > NAT Gateway > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)
AWS > VPC > NAT Gateway > Configured
Maintain AWS > VPC > NAT Gateway configuration.
Note: If the resource is managed by another stack, then the Skip/Check/Enforce values here are ignored and are inherited from the stack that owns it.
AWS > VPC > NAT Gateway > Discovery
Discover all AWS VPC nat gateway resources and add them to the CMDB.
The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.
Note that Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in the AWS > VPC > NAT Gateway > Regions policy, the CMDB control will delete the resource from the CMDB.
AWS > VPC > NAT Gateway > Tags
Take an action when the tags on an AWS VPC nat gateway are not updated based on the AWS > VPC > NAT Gateway > Tags > * policies.
If the resource is not updated with the tags defined in AWS > VPC > NAT Gateway > Tags > Template, this control raises an alarm and takes the defined enforcement action.
See Tags for more information.
AWS > VPC > NAT Gateway > Usage
The Usage control determines whether the number of AWS VPC nat gateway resources exceeds the configured usage limit for this region.
You can configure the behavior of this control with the AWS > VPC > NAT Gateway > Usage policy, and set the limit with the AWS > VPC > NAT Gateway > Usage > Limit policy.