tatum-cnapp-iam-acls
Get cloud IAM ACLs from the Tatum CNAPP service.
tatum-cnapp-iam-acls [profile=PROFILE]
- profile=PROFILE
- Connect profile code of Tatum CNAPP.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | Connect profile code of Tatum CNAPP device. |
| cloud_alias | String | Cloud alias | e.g. acme-dev |
| cloud_provider | String | Cloud service provider | e.g. AWS, AZURE, GCP |
| cloud_account | String | Cloud account | 12 digits for AWS |
| cloud_resource_name | String | Cloud resource name | e.g. AmazonS3ReadOnlyAccess |
| cloud_resource_type | String | Cloud resource type | e.g. DIRECT_INLINE_POLICY, DIRECT_MANAGED_POLICY |
| assign_type | String | ACL assign type | e.g. DIRECT, GROUP |
| can_write | Bool | Can write | True if entity has write permission. |
| iam_entities | String | IAM entities | Line separated entity names. |
| cloud_id | String | Cloud ID | e.g. 67778745c1c389327fc4d6cc |
| cloud_resource | String | Cloud resource | e.g. arn:aws:iam::aws:policy/SecurityAudit |