Created
March 20, 2020 22:49
-
-
Save jcderose/e8693e4c4b397694c813fb6f038db4d1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| policies: | |
| - name: aws.account-untagged | |
| resource: aws.account | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.acm-certificate-untagged | |
| resource: aws.acm-certificate | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rest-account-untagged | |
| resource: aws.rest-account | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rest-api-untagged | |
| resource: aws.rest-api | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rest-resource-untagged | |
| resource: aws.rest-resource | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rest-stage-untagged | |
| resource: aws.rest-stage | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rest-vpclink-untagged | |
| resource: aws.rest-vpclink | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.asg-untagged | |
| resource: aws.asg | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.launch-config-untagged | |
| resource: aws.launch-config | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.backup-plan-untagged | |
| resource: aws.backup-plan | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.backup-vault-untagged | |
| resource: aws.backup-vault | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.batch-compute-untagged | |
| resource: aws.batch-compute | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.batch-definition-untagged | |
| resource: aws.batch-definition | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cloud-directory-untagged | |
| resource: aws.cloud-directory | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cfn-untagged | |
| resource: aws.cfn | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.distribution-untagged | |
| resource: aws.distribution | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.streaming-distribution-untagged | |
| resource: aws.streaming-distribution | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.hsm-untagged | |
| resource: aws.hsm | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.hsm-client-untagged | |
| resource: aws.hsm-client | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.hsm-hapg-untagged | |
| resource: aws.hsm-hapg | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cloudhsm-cluster-untagged | |
| resource: aws.cloudhsm-cluster | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cloudsearch-untagged | |
| resource: aws.cloudsearch | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cloudtrail-untagged | |
| resource: aws.cloudtrail | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.alarm-untagged | |
| resource: aws.alarm | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.codebuild-untagged | |
| resource: aws.codebuild | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.codecommit-untagged | |
| resource: aws.codecommit | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.codepipeline-untagged | |
| resource: aws.codepipeline | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.identity-pool-untagged | |
| resource: aws.identity-pool | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.user-pool-untagged | |
| resource: aws.user-pool | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.config-recorder-untagged | |
| resource: aws.config-recorder | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.config-rule-untagged | |
| resource: aws.config-rule | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.datapipeline-untagged | |
| resource: aws.datapipeline | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.dax-untagged | |
| resource: aws.dax | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.directconnect-untagged | |
| resource: aws.directconnect | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.dlm-policy-untagged | |
| resource: aws.dlm-policy | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.dms-endpoint-untagged | |
| resource: aws.dms-endpoint | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.dms-instance-untagged | |
| resource: aws.dms-instance | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.directory-untagged | |
| resource: aws.directory | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.dynamodb-backup-untagged | |
| resource: aws.dynamodb-backup | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.dynamodb-table-untagged | |
| resource: aws.dynamodb-table | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.dynamodb-stream-untagged | |
| resource: aws.dynamodb-stream | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ami-untagged | |
| resource: aws.ami | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.customer-gateway-untagged | |
| resource: aws.customer-gateway | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ebs-untagged | |
| resource: aws.ebs | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ebs-snapshot-untagged | |
| resource: aws.ebs-snapshot | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ec2-untagged | |
| resource: aws.ec2 | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ec2-reserved-untagged | |
| resource: aws.ec2-reserved | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.eni-untagged | |
| resource: aws.eni | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.internet-gateway-untagged | |
| resource: aws.internet-gateway | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.key-pair-untagged | |
| resource: aws.key-pair | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.launch-template-version-untagged | |
| resource: aws.launch-template-version | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.nat-gateway-untagged | |
| resource: aws.nat-gateway | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.network-acl-untagged | |
| resource: aws.network-acl | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.network-addr-untagged | |
| resource: aws.network-addr | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.peering-connection-untagged | |
| resource: aws.peering-connection | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.route-table-untagged | |
| resource: aws.route-table | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.security-group-untagged | |
| resource: aws.security-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.subnet-untagged | |
| resource: aws.subnet | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.transit-attachment-untagged | |
| resource: aws.transit-attachment | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.transit-gateway-untagged | |
| resource: aws.transit-gateway | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.vpc-untagged | |
| resource: aws.vpc | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.vpc-endpoint-untagged | |
| resource: aws.vpc-endpoint | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.vpn-connection-untagged | |
| resource: aws.vpn-connection | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.vpn-gateway-untagged | |
| resource: aws.vpn-gateway | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ecr-untagged | |
| resource: aws.ecr | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ecs-untagged | |
| resource: aws.ecs | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ecs-container-instance-untagged | |
| resource: aws.ecs-container-instance | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ecs-service-untagged | |
| resource: aws.ecs-service | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ecs-task-untagged | |
| resource: aws.ecs-task | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ecs-task-definition-untagged | |
| resource: aws.ecs-task-definition | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.efs-untagged | |
| resource: aws.efs | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.efs-mount-target-untagged | |
| resource: aws.efs-mount-target | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.eks-untagged | |
| resource: aws.eks | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cache-cluster-untagged | |
| resource: aws.cache-cluster | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cache-snapshot-untagged | |
| resource: aws.cache-snapshot | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.cache-subnet-group-untagged | |
| resource: aws.cache-subnet-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.elasticbeanstalk-untagged | |
| resource: aws.elasticbeanstalk | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.elasticbeanstalk-environment-untagged | |
| resource: aws.elasticbeanstalk-environment | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.elb-untagged | |
| resource: aws.elb | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.app-elb-untagged | |
| resource: aws.app-elb | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.app-elb-target-group-untagged | |
| resource: aws.app-elb-target-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.emr-untagged | |
| resource: aws.emr | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.elasticsearch-untagged | |
| resource: aws.elasticsearch | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.event-rule-untagged | |
| resource: aws.event-rule | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.event-rule-target-untagged | |
| resource: aws.event-rule-target | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.firehose-untagged | |
| resource: aws.firehose | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.fsx-untagged | |
| resource: aws.fsx | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.fsx-backup-untagged | |
| resource: aws.fsx-backup | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.gamelift-build-untagged | |
| resource: aws.gamelift-build | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.gamelift-fleet-untagged | |
| resource: aws.gamelift-fleet | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.glacier-untagged | |
| resource: aws.glacier | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.glue-connection-untagged | |
| resource: aws.glue-connection | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.glue-crawler-untagged | |
| resource: aws.glue-crawler | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.glue-database-untagged | |
| resource: aws.glue-database | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.glue-dev-endpoint-untagged | |
| resource: aws.glue-dev-endpoint | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.glue-job-untagged | |
| resource: aws.glue-job | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.glue-table-untagged | |
| resource: aws.glue-table | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.health-event-untagged | |
| resource: aws.health-event | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.iam-certificate-untagged | |
| resource: aws.iam-certificate | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.iam-group-untagged | |
| resource: aws.iam-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.iam-policy-untagged | |
| resource: aws.iam-policy | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.iam-profile-untagged | |
| resource: aws.iam-profile | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.iam-role-untagged | |
| resource: aws.iam-role | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.iam-user-untagged | |
| resource: aws.iam-user | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.iot-untagged | |
| resource: aws.iot | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.kafka-untagged | |
| resource: aws.kafka | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.kinesis-untagged | |
| resource: aws.kinesis | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.kinesis-analytics-untagged | |
| resource: aws.kinesis-analytics | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.kms-untagged | |
| resource: aws.kms | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.kms-key-untagged | |
| resource: aws.kms-key | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.lambda-untagged | |
| resource: aws.lambda | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.lambda-layer-untagged | |
| resource: aws.lambda-layer | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.lightsail-db-untagged | |
| resource: aws.lightsail-db | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.lightsail-elb-untagged | |
| resource: aws.lightsail-elb | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.lightsail-instance-untagged | |
| resource: aws.lightsail-instance | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.log-group-untagged | |
| resource: aws.log-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ml-model-untagged | |
| resource: aws.ml-model | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.message-broker-untagged | |
| resource: aws.message-broker | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.opswork-stack-untagged | |
| resource: aws.opswork-stack | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.opswork-cm-untagged | |
| resource: aws.opswork-cm | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.qldb-untagged | |
| resource: aws.qldb | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-untagged | |
| resource: aws.rds | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-cluster-untagged | |
| resource: aws.rds-cluster | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-cluster-param-group-untagged | |
| resource: aws.rds-cluster-param-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-cluster-snapshot-untagged | |
| resource: aws.rds-cluster-snapshot | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-param-group-untagged | |
| resource: aws.rds-param-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-reserved-untagged | |
| resource: aws.rds-reserved | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-snapshot-untagged | |
| resource: aws.rds-snapshot | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-subnet-group-untagged | |
| resource: aws.rds-subnet-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rds-subscription-untagged | |
| resource: aws.rds-subscription | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.redshift-untagged | |
| resource: aws.redshift | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.redshift-snapshot-untagged | |
| resource: aws.redshift-snapshot | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.redshift-subnet-group-untagged | |
| resource: aws.redshift-subnet-group | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.healthcheck-untagged | |
| resource: aws.healthcheck | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.hostedzone-untagged | |
| resource: aws.hostedzone | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.rrset-untagged | |
| resource: aws.rrset | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.r53domain-untagged | |
| resource: aws.r53domain | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.s3-untagged | |
| resource: aws.s3 | |
| filters: | |
| - "tag:bucket-name": absent | |
| - name: aws.sagemaker-endpoint-untagged | |
| resource: aws.sagemaker-endpoint | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.sagemaker-endpoint-config-untagged | |
| resource: aws.sagemaker-endpoint-config | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.sagemaker-job-untagged | |
| resource: aws.sagemaker-job | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.sagemaker-model-untagged | |
| resource: aws.sagemaker-model | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.sagemaker-notebook-untagged | |
| resource: aws.sagemaker-notebook | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.sagemaker-transform-job-untagged | |
| resource: aws.sagemaker-transform-job | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.simpledb-untagged | |
| resource: aws.simpledb | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.secrets-manager-untagged | |
| resource: aws.secrets-manager | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.shield-attack-untagged | |
| resource: aws.shield-attack | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.shield-protection-untagged | |
| resource: aws.shield-protection | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.snowball-untagged | |
| resource: aws.snowball | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.snowball-cluster-untagged | |
| resource: aws.snowball-cluster | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.sns-untagged | |
| resource: aws.sns | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.sqs-untagged | |
| resource: aws.sqs | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ops-item-untagged | |
| resource: aws.ops-item | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ssm-activation-untagged | |
| resource: aws.ssm-activation | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ssm-managed-instance-untagged | |
| resource: aws.ssm-managed-instance | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.ssm-parameter-untagged | |
| resource: aws.ssm-parameter | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.step-machine-untagged | |
| resource: aws.step-machine | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.storage-gateway-untagged | |
| resource: aws.storage-gateway | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.support-case-untagged | |
| resource: aws.support-case | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.waf-untagged | |
| resource: aws.waf | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.waf-regional-untagged | |
| resource: aws.waf-regional | |
| filters: | |
| - "tag:application": absent | |
| - name: aws.workspaces-untagged | |
| resource: aws.workspaces | |
| filters: | |
| - "tag:application": absent |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment