UnusedPermissionsRecommendationStep - AWS Security Hub CSPM
ContentsSee Also
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

UnusedPermissionsRecommendationStep

Contains information about the action to take for a policy in an unused permissions finding.

Contents

ExistingPolicy

The contents of the existing policy identified by ExistingPolicyId which needs to be replaced, when the RecommendedAction is CREATE_POLICY.

Type: String

Pattern: .*\S.*

Required: No

ExistingPolicyId

The ID of an existing policy to be replaced or detached.

Type: String

Pattern: .*\S.*

Required: No

PolicyUpdatedAt

The time at which the existing policy for the unused permissions finding was last updated.

Type: Timestamp

Required: No

RecommendedAction

A recommendation of whether to create or detach a policy for an unused permissions finding.

Type: String

Pattern: .*\S.*

Required: No

RecommendedPolicy

The contents of the least-privileged recommended replacement for ExistingPolicyId, when the RecommendedAction is CREATE_POLICY.

Type: String

Pattern: .*\S.*

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: