Policy types for @turbot/servicenow-aws-iam
- AWS > IAM > Group > ServiceNow
- AWS > IAM > Group > ServiceNow > Configuration Item
- AWS > IAM > Group > ServiceNow > Configuration Item > Record
- AWS > IAM > Group > ServiceNow > Configuration Item > Table Definition
- AWS > IAM > Group > ServiceNow > Table
- AWS > IAM > Group > ServiceNow > Table > Definition
- AWS > IAM > Role > ServiceNow
- AWS > IAM > Role > ServiceNow > Configuration Item
- AWS > IAM > Role > ServiceNow > Configuration Item > Record
- AWS > IAM > Role > ServiceNow > Configuration Item > Table Definition
- AWS > IAM > Role > ServiceNow > Table
- AWS > IAM > Role > ServiceNow > Table > Definition
- AWS > IAM > User > ServiceNow
- AWS > IAM > User > ServiceNow > Configuration Item
- AWS > IAM > User > ServiceNow > Configuration Item > Record
- AWS > IAM > User > ServiceNow > Configuration Item > Table Definition
- AWS > IAM > User > ServiceNow > Table
- AWS > IAM > User > ServiceNow > Table > Definition
AWS > IAM > Group > ServiceNow
tmod:@turbot/servicenow-aws-iam#/policy/types/groupServiceNow
AWS > IAM > Group > ServiceNow > Configuration Item
Synchronize the data for the AWS > IAM > Group based on the policies AWS > IAM > Group > ServiceNow > Configuration Item > *
The policy ensures that AWS > IAM > Group data is automatically synchronized as Configuration Items (CIs) in a designated ServiceNow table, maintaining an up-to-date reflection of the AWS > IAM > Group information within the ServiceNow CMDB.
tmod:@turbot/servicenow-aws-iam#/policy/types/groupServiceNowConfigurationItem
[ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete"]
{ "type": "string", "enum": [ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete" ], "example": [ "Skip" ], "default": "Skip"}
AWS > IAM > Group > ServiceNow > Configuration Item > Record
The policy facilitates the accurate representation of cloud resource within the ServiceNow environment, ensuring that critical data is effectively mapped and managed. Attribute of an AWS > IAM > Group
is systematically mapped to a specific column in a ServiceNow table.
The policy allows enabling organizations to select and map only those attributes that are most relevant to their operational needs. It significantly reduces the manual effort involved in data transfer and minimizes the risk of errors, thereby enhancing the overall efficiency of data management.
tmod:@turbot/servicenow-aws-iam#/policy/types/groupServiceNowConfigurationItemRecord
"{\n resource: group{\n data\n metadata\n turbot {\n akas\n id\n tags\n title\n }\n }\n}\n"
"account_id: {{ $.resource.data.AccountId | dump | safe }}\narn: {{ $.resource.data.Arn | dump | safe }}\nattached_policies: {{ $.resource.data.AttachedPolicies | dump | safe }}\ncreate_date: {{ $.resource.data.CreateDate | dump | safe }}\ngroup_id: {{ $.resource.data.GroupId | dump | safe }}\ngroup_name: {{ $.resource.data.GroupName | dump | safe }}\npath: {{ $.resource.data.Path | dump | safe }}\nusers: {{ $.resource.data.Users | dump | safe }}\n"
{ "type": "object"}
AWS > IAM > Group > ServiceNow > Configuration Item > Table Definition
This policy specifically allows users to define two key aspects: the name of the ServiceNow table where the AWS > IAM > Group
data will be stored, and the details of the columns used for archiving purposes.
tmod:@turbot/servicenow-aws-iam#/policy/types/groupServiceNowConfigurationItemTableDefinition
[ "{\n serviceNowInstance: resources(filter: \"resourceTypeId:tmod:@turbot/servicenow#/resource/types/instance level:self limit:1\") {\n items {\n turbot {\n id\n }\n }\n }\n}\n", "{\n tableDefinition: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow-aws-iam#/policy/types/groupServiceNowTableDefinition resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n applicationScope: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow#/policy/types/serviceNowApplicationScope resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n}\n"]
"tableName: "{%- if $.applicationScope.items | length == 0 or $.tableDefinition.items | length == 0 %} {%- else %}{{$.applicationScope.items[0].value}}_{{$.tableDefinition.items[0].value.table.name | lower}}{% endif %}"\n"
{ "type": "object", "additionalProperties": false, "required": [ "tableName" ], "properties": { "tableName": { "type": "string" }, "archiveColumns": { "type": "object" } }}
AWS > IAM > Group > ServiceNow > Table
Configure a table for AWS > IAM > Group
resource type in ServiceNow via the AWS > IAM > Group > ServiceNow > Table > *
policies.
tmod:@turbot/servicenow-aws-iam#/policy/types/groupServiceNowTable
[ "Skip", "Check: Configured", "Enforce: Configured"]
{ "type": "string", "enum": [ "Skip", "Check: Configured", "Enforce: Configured" ], "example": [ "Skip" ], "default": "Skip"}
AWS > IAM > Group > ServiceNow > Table > Definition
The policy enables the definition of ServiceNow table properties, including its name and the base table from which it extends, and details the specific columns required for representing AWS > IAM > Group data.
tmod:@turbot/servicenow-aws-iam#/policy/types/groupServiceNowTableDefinition
{ "type": "object", "additionalProperties": false, "required": [ "table", "columns" ], "properties": { "table": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string" }, "extendsTable": { "type": "string", "pattern": "^([0-9a-z_])+$" } } }, "columns": { "type": "array", "description": "An array of columns with their mappings to the CMDB.", "default": [], "items": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "description": "The name of the column in the table.", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string", "description": "The label for the column." }, "type": { "description": "The data type of the column.", "type": "string" }, "size": { "type": "integer", "description": "The length for data type." } } } } }, "default": { "table": { "name": "guardrails_aws_iam_group", "label": "AWS > IAM > Group", "extendsTable": "cmdb_ci" }, "columns": [ { "name": "account_id", "label": "Account ID" }, { "name": "arn", "label": "ARN" }, { "name": "attached_policies", "label": "Attached Policies", "type": "string", "size": 1000 }, { "name": "create_date", "label": "Create Date" }, { "name": "group_id", "label": "Group ID" }, { "name": "group_name", "label": "Group Name" }, { "name": "path", "label": "Path" }, { "name": "users", "label": "Users", "type": "string", "size": 1000 } ] }}
AWS > IAM > Role > ServiceNow
tmod:@turbot/servicenow-aws-iam#/policy/types/roleServiceNow
AWS > IAM > Role > ServiceNow > Configuration Item
Synchronize the data for the AWS > IAM > Role based on the policies AWS > IAM > Role > ServiceNow > Configuration Item > *
The policy ensures that AWS > IAM > Role data is automatically synchronized as Configuration Items (CIs) in a designated ServiceNow table, maintaining an up-to-date reflection of the AWS > IAM > Role information within the ServiceNow CMDB.
tmod:@turbot/servicenow-aws-iam#/policy/types/roleServiceNowConfigurationItem
[ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete"]
{ "type": "string", "enum": [ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete" ], "example": [ "Skip" ], "default": "Skip"}
AWS > IAM > Role > ServiceNow > Configuration Item > Record
The policy facilitates the accurate representation of cloud resource within the ServiceNow environment, ensuring that critical data is effectively mapped and managed. Attribute of an AWS > IAM > Role
is systematically mapped to a specific column in a ServiceNow table.
The policy allows enabling organizations to select and map only those attributes that are most relevant to their operational needs. It significantly reduces the manual effort involved in data transfer and minimizes the risk of errors, thereby enhancing the overall efficiency of data management.
tmod:@turbot/servicenow-aws-iam#/policy/types/roleServiceNowConfigurationItemRecord
"{\n resource: role{\n data\n metadata\n turbot {\n akas\n id\n tags\n title\n }\n }\n}\n"
"account_id: {{ $.resource.metadata.aws.accountId | dump | safe }}\narn: {{ $.resource.data.Arn | dump | safe }}\nassume_role_policy_document: {{ $.resource.data.AssumeRolePolicyDocument | dump | safe }}\nattached_policies: {{ $.resource.data.AttachedPolicies | dump | safe }}\ncreate_date: {{ $.resource.data.CreateDate | dump | safe }}\nmax_session_duration: {{ $.resource.data.MaxSessionDuration | dump | safe }}\npath: {{ $.resource.data.Path | dump | safe }}\npermissions_boundary_arn: {{ $.resource.data.PermissionsBoundary.PermissionsBoundaryArn | dump | safe }}\npermissions_boundary_type: {{ $.resource.data.PermissionsBoundary.PermissionsBoundaryType | dump | safe }}\nrole_id: {{ $.resource.data.RoleId | dump | safe }}\nrole_last_used_date: {{ $.resource.data.RoleLastUsed.LastUsedDate | dump | safe }}\nrole_last_used_region: {{ $.resource.data.RoleLastUsed.Region | dump | safe }}\nrole_name: {{ $.resource.data.RoleName | dump | safe }}\ntags: {{ $.resource.turbot.tags | dump | safe }}\n"
{ "type": "object"}
AWS > IAM > Role > ServiceNow > Configuration Item > Table Definition
This policy specifically allows users to define two key aspects: the name of the ServiceNow table where the AWS > IAM > Role
data will be stored, and the details of the columns used for archiving purposes.
tmod:@turbot/servicenow-aws-iam#/policy/types/roleServiceNowConfigurationItemTableDefinition
[ "{\n serviceNowInstance: resources(filter: \"resourceTypeId:tmod:@turbot/servicenow#/resource/types/instance level:self limit:1\") {\n items {\n turbot {\n id\n }\n }\n }\n}\n", "{\n tableDefinition: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow-aws-iam#/policy/types/roleServiceNowTableDefinition resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n applicationScope: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow#/policy/types/serviceNowApplicationScope resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n}\n"]
"tableName: "{%- if $.applicationScope.items | length == 0 or $.tableDefinition.items | length == 0 %} {%- else %}{{$.applicationScope.items[0].value}}_{{$.tableDefinition.items[0].value.table.name | lower}}{% endif %}"\n"
{ "type": "object", "additionalProperties": false, "required": [ "tableName" ], "properties": { "tableName": { "type": "string" }, "archiveColumns": { "type": "object" } }}
AWS > IAM > Role > ServiceNow > Table
Configure a table for AWS > IAM > Role
resource type in ServiceNow via the AWS > IAM > Role > ServiceNow > Table > *
policies.
tmod:@turbot/servicenow-aws-iam#/policy/types/roleServiceNowTable
[ "Skip", "Check: Configured", "Enforce: Configured"]
{ "type": "string", "enum": [ "Skip", "Check: Configured", "Enforce: Configured" ], "example": [ "Skip" ], "default": "Skip"}
AWS > IAM > Role > ServiceNow > Table > Definition
The policy enables the definition of ServiceNow table properties, including its name and the base table from which it extends, and details the specific columns required for representing AWS > IAM > Role data.
tmod:@turbot/servicenow-aws-iam#/policy/types/roleServiceNowTableDefinition
{ "type": "object", "additionalProperties": false, "required": [ "table", "columns" ], "properties": { "table": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string" }, "extendsTable": { "type": "string", "pattern": "^([0-9a-z_])+$" } } }, "columns": { "type": "array", "description": "An array of columns with their mappings to the CMDB.", "default": [], "items": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "description": "The name of the column in the table.", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string", "description": "The label for the column." }, "type": { "description": "The data type of the column.", "type": "string" }, "size": { "type": "integer", "description": "The length for data type." } } } } }, "default": { "table": { "name": "guardrails_aws_iam_role", "label": "AWS > IAM > Role", "extendsTable": "cmdb_ci" }, "columns": [ { "name": "account_id", "label": "Account ID" }, { "name": "arn", "label": "ARN" }, { "name": "assume_role_policy_document", "label": "Assume Role Policy Document", "type": "string", "size": 1000 }, { "name": "attached_policies", "label": "Attached Policies", "type": "string", "size": 1000 }, { "name": "create_date", "label": "Create Date" }, { "name": "max_session_duration", "label": "Max Session Duration" }, { "name": "path", "label": "Path" }, { "name": "permissions_boundary_arn", "label": "Permissions Boundary ARN" }, { "name": "permissions_boundary_type", "label": "Permissions Boundary Type" }, { "name": "role_id", "label": "Role ID" }, { "name": "role_last_used_date", "label": "Role Last Used Date" }, { "name": "role_last_used_region", "label": "Role Last Used Region" }, { "name": "role_name", "label": "Role Name" }, { "name": "tags", "label": "Tags", "type": "string", "size": 1000 } ] }}
AWS > IAM > User > ServiceNow
tmod:@turbot/servicenow-aws-iam#/policy/types/userServiceNow
AWS > IAM > User > ServiceNow > Configuration Item
Synchronize the data for the AWS > IAM > User based on the policies AWS > IAM > User > ServiceNow > Configuration Item > *
The policy ensures that AWS > IAM > User data is automatically synchronized as Configuration Items (CIs) in a designated ServiceNow table, maintaining an up-to-date reflection of the AWS > IAM > User information within the ServiceNow CMDB.
tmod:@turbot/servicenow-aws-iam#/policy/types/userServiceNowConfigurationItem
[ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete"]
{ "type": "string", "enum": [ "Skip", "Check: Archived", "Check: Deleted", "Check: Sync", "Enforce: Archived", "Enforce: Deleted", "Enforce: Sync", "Enforce: Sync, archive on delete" ], "example": [ "Skip" ], "default": "Skip"}
AWS > IAM > User > ServiceNow > Configuration Item > Record
The policy facilitates the accurate representation of cloud resource within the ServiceNow environment, ensuring that critical data is effectively mapped and managed. Attribute of an AWS > IAM > User
is systematically mapped to a specific column in a ServiceNow table.
The policy allows enabling organizations to select and map only those attributes that are most relevant to their operational needs. It significantly reduces the manual effort involved in data transfer and minimizes the risk of errors, thereby enhancing the overall efficiency of data management.
tmod:@turbot/servicenow-aws-iam#/policy/types/userServiceNowConfigurationItemRecord
"{\n resource: user{\n data\n metadata\n turbot {\n akas\n id\n tags\n title\n }\n }\n}\n"
"account_id: {{ $.resource.metadata.aws.accountId | dump | safe }}\narn: {{ $.resource.data.Arn | dump | safe }}\nattached_policies: {{ $.resource.data.AttachedPolicies | dump | safe }}\ncreate_date: {{ $.resource.data.CreateDate | dump | safe }}\ngroups: {{ $.resource.data.Groups | dump | safe }}\nlogin_profile: {{ $.resource.data.LoginProfile | dump | safe }}\npassword_last_used: {{ $.resource.data.PasswordLastUsed | dump | safe }}\npath: {{ $.resource.data.Path | dump | safe }}\ntags: {{ $.resource.turbot.tags | dump | safe }}\nuser_id: {{ $.resource.data.UserId | dump | safe }}\nuser_name: {{ $.resource.data.UserName | dump | safe }}\nuser_policies: {{ $.resource.data.UserPolicies | dump | safe }}\n"
{ "type": "object"}
AWS > IAM > User > ServiceNow > Configuration Item > Table Definition
This policy specifically allows users to define two key aspects: the name of the ServiceNow table where the AWS > IAM > User
data will be stored, and the details of the columns used for archiving purposes.
tmod:@turbot/servicenow-aws-iam#/policy/types/userServiceNowConfigurationItemTableDefinition
[ "{\n serviceNowInstance: resources(filter: \"resourceTypeId:tmod:@turbot/servicenow#/resource/types/instance level:self limit:1\") {\n items {\n turbot {\n id\n }\n }\n }\n}\n", "{\n tableDefinition: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow-aws-iam#/policy/types/userServiceNowTableDefinition resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n applicationScope: policyValues(filter: \"policyTypeId:tmod:@turbot/servicenow#/policy/types/serviceNowApplicationScope resourceId:{{$.serviceNowInstance.items[0].turbot.id}} level:self\") {\n items {\n value\n }\n }\n}\n"]
"tableName: "{%- if $.applicationScope.items | length == 0 or $.tableDefinition.items | length == 0 %} {%- else %}{{$.applicationScope.items[0].value}}_{{$.tableDefinition.items[0].value.table.name | lower}}{% endif %}"\n"
{ "type": "object", "additionalProperties": false, "required": [ "tableName" ], "properties": { "tableName": { "type": "string" }, "archiveColumns": { "type": "object" } }}
AWS > IAM > User > ServiceNow > Table
Configure a table for AWS > IAM > User
resource type in ServiceNow via the AWS > IAM > User > ServiceNow > Table > *
policies.
tmod:@turbot/servicenow-aws-iam#/policy/types/userServiceNowTable
[ "Skip", "Check: Configured", "Enforce: Configured"]
{ "type": "string", "enum": [ "Skip", "Check: Configured", "Enforce: Configured" ], "example": [ "Skip" ], "default": "Skip"}
AWS > IAM > User > ServiceNow > Table > Definition
The policy enables the definition of ServiceNow table properties, including its name and the base table from which it extends, and details the specific columns required for representing AWS > IAM > User data.
tmod:@turbot/servicenow-aws-iam#/policy/types/userServiceNowTableDefinition
{ "type": "object", "additionalProperties": false, "required": [ "table", "columns" ], "properties": { "table": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string" }, "extendsTable": { "type": "string", "pattern": "^([0-9a-z_])+$" } } }, "columns": { "type": "array", "description": "An array of columns with their mappings to the CMDB.", "default": [], "items": { "type": "object", "required": [ "name" ], "properties": { "name": { "type": "string", "description": "The name of the column in the table.", "pattern": "^([0-9a-z_])+$" }, "label": { "type": "string", "description": "The label for the column." }, "type": { "description": "The data type of the column.", "type": "string" }, "size": { "type": "integer", "description": "The length for data type." } } } } }, "default": { "table": { "name": "guardrails_aws_iam_user", "label": "AWS > IAM > User", "extendsTable": "cmdb_ci" }, "columns": [ { "name": "account_id", "label": "Account ID" }, { "name": "arn", "label": "ARN" }, { "name": "attached_policies", "label": "Attached Policies", "type": "string", "size": 1000 }, { "name": "create_date", "label": "Create Date" }, { "name": "groups", "label": "Groups", "type": "string", "size": 1000 }, { "name": "login_profile", "label": "Login Profile", "type": "string", "size": 1000 }, { "name": "password_last_used", "label": "Password Last Used" }, { "name": "path", "label": "Path" }, { "name": "tags", "label": "Tags", "type": "string", "size": 1000 }, { "name": "user_id", "label": "User ID" }, { "name": "user_name", "label": "User Name" }, { "name": "user_policies", "label": "User Policies", "type": "string", "size": 1000 } ] }}