Check for account ids that the service catalog portfolio is shared with
policies: - name: catalog-portfolio-cross-account resource: aws.catalog-portfolio filters: - type: cross-account
properties: type: enum: - cross-account whitelist: items: type: string type: array whitelist_from: additionalProperties: 'False' properties: expr: oneOf: - type: integer - type: string format: enum: - csv - json - txt - csv2dict headers: patternProperties: ? '' : type: string type: object url: type: string required: - url type: object required: - type
Permissions - servicecatalog:ListPortfolioAccess
Compute the diff from the current resource to a previous version.
A resource matches the filter if a diff exists between the current resource and the selected revision.
Utilizes config as a resource revision database.
Revisions can be selected by date, against the previous version, and against a locked version (requires use of is-locked filter).
properties: selector: enum: - previous - date - locked selector_value: type: string type: enum: - json-diff required: - type
Permissions - config:GetResourceConfigHistory
Action to delete a Service Catalog Portfolio
policies: - name: service-catalog-portfolio-delete resource: aws.catalog-portfolio filters: - type: cross-account actions: - delete
properties: type: enum: - delete required: - type
Permissions - servicecatalog:DeletePortfolio