Check a resource’s embedded IAM policy for cross-account access.
properties:
  type:
    enum:
    - cross-account
  whitelist:
    items:
      type: string
    type: array
  whitelist_from:
    additionalProperties: 'False'
    properties:
      expr:
        oneOf:
        - type: integer
        - type: string
      format:
        enum:
        - csv
        - json
        - txt
        - csv2dict
      url:
        type: string
    required:
    - url
    type: object
required:
- type
Permissions - ec2:DescribeVpcPeeringConnections
Compute the diff from the current resource to a previous version.
A resource matches the filter if a diff exists between the current resource and the selected revision.
Uses AWS Config as the resource revision database.
Revisions can be selected by date, against the previous version, and against a locked version (requires use of is-locked filter).
properties:
  selector:
    enum:
    - previous
    - date
    - locked
  selector_value:
    type: string
  type:
    enum:
    - json-diff
required:
- type
Permissions - config:GetResourceConfigHistory
Return peers which are missing a route in route tables.
If the peering connection is between two VPCs in the same account, the connection is returned unless it is present in route tables in each VPC.
If the peering connection is between accounts, then the local VPC’s route table is checked.
properties:
  type:
    enum:
    - missing-route
required:
- type
Permissions - ec2:DescribeRouteTables
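The matching rule described for missing-route, worked through on constructed data. This is an added example, not Cloud Custodian's own code: the function name `missing_route`, the helper `_peer`, and all account, VPC and peering IDs are made up, and the records only mimic the shape of `ec2:DescribeVpcPeeringConnections` and `ec2:DescribeRouteTables` output.

```python
LOCAL_ACCOUNT = "111111111111"   # constructed account IDs
OTHER_ACCOUNT = "222222222222"

def _peer(pcx_id, requester, accepter):
    """Build a record shaped like one DescribeVpcPeeringConnections entry."""
    keys = ("OwnerId", "VpcId")
    return {"VpcPeeringConnectionId": pcx_id,
            "RequesterVpcInfo": dict(zip(keys, requester)),
            "AccepterVpcInfo": dict(zip(keys, accepter))}

# Constructed sample peering connections.
PEERS = [
    _peer("pcx-same-ok", (LOCAL_ACCOUNT, "vpc-a"), (LOCAL_ACCOUNT, "vpc-b")),
    _peer("pcx-same-half", (LOCAL_ACCOUNT, "vpc-a"), (LOCAL_ACCOUNT, "vpc-c")),
    _peer("pcx-cross-ok", (LOCAL_ACCOUNT, "vpc-a"), (OTHER_ACCOUNT, "vpc-x")),
    _peer("pcx-cross-none", (OTHER_ACCOUNT, "vpc-y"), (LOCAL_ACCOUNT, "vpc-c")),
]

# Constructed route tables visible in the local account.
ROUTE_TABLES = [
    {"VpcId": "vpc-a", "Routes": [
        {"DestinationCidrBlock": "10.1.0.0/16", "VpcPeeringConnectionId": "pcx-same-ok"},
        {"DestinationCidrBlock": "10.2.0.0/16", "VpcPeeringConnectionId": "pcx-same-half"},
        {"DestinationCidrBlock": "10.9.0.0/16", "VpcPeeringConnectionId": "pcx-cross-ok"}]},
    {"VpcId": "vpc-b", "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "VpcPeeringConnectionId": "pcx-same-ok"}]},
    {"VpcId": "vpc-c", "Routes": [
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
]

def missing_route(peers, route_tables, account_id):
    """Return IDs of peers lacking a route in any VPC owned by account_id."""
    routed = {}  # peering connection ID -> set of VPC IDs that route to it
    for table in route_tables:
        for route in table.get("Routes", ()):
            pcx = route.get("VpcPeeringConnectionId")
            if pcx:
                routed.setdefault(pcx, set()).add(table["VpcId"])
    flagged = []
    for peer in peers:
        sides = (peer["RequesterVpcInfo"], peer["AccepterVpcInfo"])
        # Same-account peers have two local VPCs; cross-account peers have one.
        local_vpcs = [s["VpcId"] for s in sides if s["OwnerId"] == account_id]
        have = routed.get(peer["VpcPeeringConnectionId"], set())
        if any(vpc not in have for vpc in local_vpcs):
            flagged.append(peer["VpcPeeringConnectionId"])
    return flagged
```

A same-account peer routed from only one of its two VPCs is still reported, while a cross-account peer is judged solely on the VPC the evaluating account owns.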