What Automations are included with Hyperglance?
See a complete list of the automation 'actions' that are included in the latest version of Hyperglance
What is an Automation?
In Hyperglance, an automation is the combination of a rule and a resulting action. If an automation fixes a problem/issue, the automation can also be referred to as a remediation.
Hyperglance ships with over 50 cloud automations ready to use "out of the box" for both AWS and Azure.
Hyperglance also ships with hundreds of predefined rules. These rules monitor your cloud environments using a customizable set of parameters. If your rule runs (manually or automatically) and finds one or more resources that meet your criteria, then it can trigger notifications and actions... or nothing, if you prefer!
Actions are contextual, too. This prevents you from accidentally creating impossible automations, e.g. you can't use the 'Attach an IAM role' action if IAM users aren't the subject of the rule in the first place.
AWS Predefined Automations
Here is the current list of AWS pre-defined automations (grouped by resource type) that are included with the latest version of Hyperglance.
The automations are grouped by the type of resource they can apply to, and are listed in this format:
| Automation Name |
Automation Description |
AMI
| Add Tag |
Adds a tag to a resource |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
| Deregister AMI |
Deregister the AMI |
AMI Image
| Set AMI to Private |
Sets and AMI to Private if it is currently Public |
Application Load Balancer
| Delete Load Balancer |
Destroys ALB/NLB Elastic Load Balancer (v2) |
Aurora DB Cluster
| Delete Aurora Cluster |
Deletes an Aurora DB Cluster |
Dynamo DB Table
| Delete Dynamo DB Table |
Deletes a specified Dynamo DB Table |
EBS Snapshot
| Add Tag |
Adds a tag to a resource |
| Delete EBS Snapshot |
Deletes a specified EBS Snapshot |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
EBS Volume
| Add Tag |
Adds a tag to a resource |
| Delete EBS Volume |
Deletes a specified EBS Volume - Must not be attached to a spot request instance |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
EC2 Instance
| Add Tag |
Adds a tag to a resource |
| Attach IAM Role |
Attaches an IAM role to an Instance |
| Delete EC2 Key Pair |
Deletes a specified EC2 Key Pair |
| Detach IAM Role |
Detaches a specified role from an EC2 Instance |
| Quarantine EC2 Instance |
Quarantines an EC2 Instance by attaching it to a Security group with no Ingress or Egress rules |
| Release Elastic IP |
Releases an Elastic IP from associated EC2 Instance |
| Remove Tag |
Removes a tag from a resource |
| Snapshot Instance |
Snapshots attached EBS Volumes |
| Start Instance |
Immediately Starts an EC2 Instance |
| Stop Instance |
Immediately Stops an EC2 Instance |
| Terminate Instance |
Terminates an EC2 Instance |
| Update Tag |
Replaces a tag's key but keeps its value |
EC2 Snapshot
| Update Tag |
Replaces a tag's key but keeps its value |
ECS Cluster
| Stop ECS Cluster |
Stops ECS Cluster |
IAM Policy
| Delete Default Policy Version |
Deletes the default policy version, and sets latest version as active |
IAM User
| Attach policy to User |
Attaches an existing policy to an IAM User |
| Deactivate Keys |
Deactivates Unused Access Keys |
| Delete Access Keys |
Deletes IAM Access Keys |
| Detach User from Group |
Detaches an IAM User from a specified User Group |
| Disable Console Access |
Disables a users console access, but leaves programmatic access intact |
| Force Password Change |
Forces an IAM User to change their password on next login |
| Quarantine User |
Attaches a DENY ALL policy to the user |
| Revoke Access Key |
Revokes IAM User Access Keys |
Internet Gateway
| Add Tag |
Adds a tag to a resource |
| Delete Internet Gateway |
Deletes a specified Internet Gateway |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
Lambda Function
| Disable Lambda |
Disables a Lambda from Executing |
| Remove Layers |
Removes Layers from a Lambda Function. |
NAT Gateway
| Remove Layers |
Removes Layers from a Lambda Function. |
| Delete NAT Gateway |
Deletes a specified NAT Gateway |
Network ACL
| Add Tag |
Adds a tag to a resource |
| Delete ACL |
Deletes an Access Control List |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
Network Interface
| Add Tag |
Adds a tag to a resource |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
Network Load Balancer
| Delete Load Balancer |
Destroys ALB/NLB Elastic Load Balancer (v2) |
Placement Group
| Update Tag |
Replaces a tag's key but keeps its value |
RDS DB Instance
| Delete RDS DB Instance |
Deletes an RDS DB Instance |
| Quarantine RDS Instance |
Quarantines and RDS Instance by applying a DENY ALL Security Group |
Redshift Cluster
| Delete Redshift Cluster |
Deletes a Redshift Cluster |
Region
| Enable KMS Rotation |
Enables rotations of KMS Keys |
Route Table
| Add Tag |
Adds a tag to a resource |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
S3 Bucket
| Block S3 Public Access |
Blocks all public access to an S3 Bucket |
| Clear an S3 Bucket |
Removes the contents of an S3 bucket |
| Delete S3 ACLs |
Deletes S3 Bucket Access Control Lists |
| Delete S3 Permissions |
Deletes all ACLs and Bucket Policies from an S3 bucket |
| Enable Access Logging |
Enables Access Logging for S3 Buckets |
| Enable S3 Encryption |
Enables AES265 Encryption on S3 Bucket Objects |
| Enable S3 Versioning |
Enables Object Versioning |
| S3 Enforce SSL |
Enforces SSL for object access |
Security Group
| Add Tag |
Adds a tag to a resource |
| Delete Rules |
Removes all Egress and Ingress rules from a Security Group |
| Delete Security Group |
Deletes a specified Security Group |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
SNS Topic
| Add Tag |
Adds a tag to a resource |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
SQS Queue
| Add Tag |
Adds a tag to a resource |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
Subnet
| Add Tag |
Adds a tag to a resource |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
VPC
| Add Tag |
Adds a tag to a resource |
| Isolate VPC |
Isolates an Entire VPC by applying a Deny ALL Network ACL and attaching a Deny All IAM Policy to all users |
| Remove Tag |
Removes a tag from a resource |
| Update Tag |
Replaces a tag's key but keeps its value |
Workspace
| Start Workspace |
Starts a Workspace |
| Stop Workspace |
Stops a Workspace |
| Terminate Workspace |
Terminates a Running Workspace |
Azure Predefined Automations
Here is the current list of Azure pre-defined automations (grouped by resource type) that are included with the latest version of Hyperglance.
The automations are grouped by the type of resource they can apply to, and are listed in this format:
| Automation Name |
Automation Description |
Disk
| Delete Disk |
Deletes a disk |
Image
| Delete Image |
Deletes an image |
Network Interface
| Delete NIC |
Delete network interface |
Public IP Address
| Delete public IP address |
Delete a public IP address |
SSH Public Key
| Delete SSH Public Key |
Deletes a ssh public key |
Virtual Machine
| Add Tag |
Adds a tag to a Virtual Machine |
| Remove Tag |
Remove a tag from a Virtual Machine |
| Update Tag |
Replaces a tag's key but retains its previous value |
| Delete VM |
Deletes a Virtual Machine |
| Power Off VM |
Powers Off (Pauses) a Virtual Machine. Charges are still incurred for allocated resources such as IP addresses |
| Start VM |
Starts a Virtual Machine |
| Stop VM |
Stops (Pauses) a Virtual Machine. Charges are still incurred for allocated resources such as IP addresses. |
| Stop (Deallocate) VM |
Shuts down the virtual machine and releases the compute resources. Charges are no longer incurred by this VM. |
Automation Details (JSON)
AWS
{
"automations": [
{
"name": "ec2_delete_internet_gateway",
"displayName": "Delete Internet Gateway",
"description": "Deletes a specified Internet Gateway",
"resourceTypes": [
"Internet Gateway"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:DeleteInternetGateway"
]
},
{
"name": "iam_quarantine_user",
"displayName": "Quarantine User",
"description": "Attaches a DENY ALL policy to the user",
"resourceTypes": [
"IAM User"
],
"params": [],
"permissions": [
"iam:CreatePolicy",
"iam:AttachUserPolicy"
]
},
{
"name": "ec2_detach_role",
"displayName": "Detach IAM Role",
"description": "Detaches a specified role from an EC2 Instance",
"resourceTypes": [
"EC2 Instance"
],
"params": [
{
"name": "Role",
"type": "string",
"default": " "
}
],
"permissions": [
"iam:ListInstanceProfilesForRole",
"iam:RemoveRoleFromInstanceProfile"
]
},
{
"name": "ec2_attach_role",
"displayName": "Attach IAM Role",
"description": "Attaches and IAM role to an Instance",
"resourceTypes": [
"EC2 Instance"
],
"params": [
{
"name": "Role",
"type": "string",
"default": " "
}
],
"permissions": [
"ec2:AssociateIamInstanceProfile",
"iam:GetRole",
"iam:CreateInstanceProfile",
"iam:PassRole",
"iam:AddRoleToInstanceProfile",
"iam:GetInstanceProfile",
"iam:ListInstanceProfilesForRole"
]
},
{
"name": "ec2_release_eips",
"displayName": "Release Elastic IP",
"description": "Releases and Elastic IP from associated EC2 Instance",
"resourceTypes": [
"EC2 Instance"
],
"params": [],
"permissions": [
"ec2:DescribeAddresses",
"ec2:DisassociateAddress",
"ec2:ReleaseAddress"
]
},
{
"name": "s3_clear_bucket",
"displayName": "Clear an S3 Bucket",
"description": "Removes the contents of an S3 bucket",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:ListBucket"
]
},
{
"name": "iam_user_attach_policy",
"displayName": "Attach policy to User",
"description": "Attaches an existing policy to an IAM User.",
"resourceTypes": [
"IAM User"
],
"params": [
{
"name": "Policy",
"type": "string",
"default": ""
}
],
"permissions": [
"iam:AttachUserPolicy",
"iam:ListPolicies"
]
},
{
"name": "ebs_delete_volume",
"displayName": "Delete EBS Volume",
"description": "Deletes a specified EBS Volume - Must not be attached to a spot request instance",
"resourceTypes": [
"EBS Volume"
],
"params": [],
"permissions": [
"ec2:DeleteVolume",
"ec2:DescribeVolumes",
"ec2:DetachVolume",
"ec2:StopInstances",
"ec2:DescribeInstances"
]
},
{
"name": "ec2_quarantine_instance",
"displayName": "Quarantine EC2 Instance",
"description": "Quarantines and EC2 Instance by attaching it to a Security group with no Ingress or Egress rules",
"resourceTypes": [
"EC2 Instance"
],
"params": [],
"permissions": [
"ec2:DescribeSecurityGroups",
"ec2:CreateSecurityGroup",
"ec2:RevokeSecurityGroupEgress",
"ec2:ModifyInstanceAttribute"
]
},
{
"name": "ec2_delete_security_group",
"displayName": "Delete Security Group",
"description": "Deletes a specified Security Group",
"resourceTypes": [
"Security Group"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:DeleteSecurityGroup"
]
},
{
"name": "iam_delete_default_policy_version",
"displayName": "Delete Default Policy Version",
"description": "Deletes the default policy version, and sets latest version as active",
"resourceTypes": [
"IAM Policy"
],
"params": [],
"permissions": [
"iam:ListPolicyVersions",
"iam:GetPolicy",
"iam:SetDefaultPolicyVersion",
"iam:DeletePolicyVersion"
]
},
{
"name": "update_tag",
"displayName": "Update Tag",
"description": "Replaces a tags key but keeps its value",
"resourceTypes": [
"Security Group",
"EC2 Instance",
"AMI",
"Internet Gateway",
"Network Acl",
"Network Interface",
"Placement Group",
"Route Table",
"EC2 Snapshot",
"Subnet",
"EBS Snapshot",
"EBS Volume",
"VPC",
"SNS Topic",
"SQS Queue"
],
"params": [
{
"name": "New Key",
"type": "string",
"default": ""
}
],
"permissions": [
"ec2:CreateTags",
"sns:TagResource",
"sqs:TagQueue",
"ec2:DeleteTags",
"sns:UntagResource",
"sqs:UntagQueue"
]
},
{
"name": "s3_block_public_access",
"displayName": "Block S3 Public Access",
"description": "Blocks all public access to S3 Bucket",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:PutBucketPublicAccessBlock"
]
},
{
"name": "s3_enable_encryption",
"displayName": "Enable S3 Encryption",
"description": "Enables AES265 Encryption on S3 Bucket Objects",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:PutEncryptionConfiguration"
]
},
{
"name": "rds_quarantine_instance",
"displayName": "Quarantine RDS Instance",
"description": "Quarantines and RDS Instance by applying a DENY ALL Security Group",
"resourceTypes": [
"RDS DB Instance"
],
"params": [],
"permissions": [
"ec2:DescribeSecurityGroups",
"ec2:CreateSecurityGroup",
"ec2:RevokeSecurityGroupEgress",
"rds:ModifyDBInstance",
"rds:StopDBInstance"
]
},
{
"name": "elb_delete_load_balancer",
"displayName": "Delete Load Balancer",
"description": "Destroys ALB/NLB Elastic Load Balancer (v2)",
"resourceTypes": [
"Application Load Balancer",
"Network Load Balancer"
],
"params": [],
"permissions": [
"elasticloadbalancing:DeleteLoadBalancer"
]
},
{
"name": "ec2_start_instance",
"displayName": "Start Instance",
"description": "Immediately Starts an EC2 Instance",
"resourceTypes": [
"EC2 Instance"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:StartInstances"
]
},
{
"name": "vpc_isolate",
"displayName": "Isolate VPC",
"description": "Isolates an Entire VPC by applying a Deny ALL Network ACL and attaching a Deny All IAM Policy to all users",
"resourceTypes": [
"VPC"
],
"params": [],
"permissions": [
"ec2:ModifyVpcAttribute",
"iam:CreatePolicy",
"ec2:DescribeNetworkAcls",
"ec2:CreateNetworkAcl",
"ec2:ReplaceNetworkAclAssociation",
"iam:ListUsers"
]
},
{
"name": "ec2_stop_instance",
"displayName": "Stop Instance",
"description": "Immediately Stops an EC2 Instance",
"resourceTypes": [
"EC2 Instance"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:StopInstances"
]
},
{
"name": "ami_set_private",
"displayName": "Set AMI to Private",
"description": "Sets and AMI to Private if it is currently Public",
"resourceTypes": [
"AMI Image"
],
"params": [],
"permissions": [
"ec2:ModifyImageAttribute"
]
},
{
"name": "iam_delete_access_key",
"displayName": "Delete Access Keys",
"description": "Deletes IAM Access Keys",
"resourceTypes": [
"IAM User"
],
"params": [],
"permissions": [
"iam:ListAccessKeys",
"iam:DeleteAccessKey"
]
},
{
"name": "remove_tag",
"displayName": "Remove Tag",
"description": "Removes a tag",
"resourceTypes": [
"Security Group",
"EC2 Instance",
"AMI",
"Internet Gateway",
"Network Acl",
"Network Interface",
"Route Table",
"EBS Snapshot",
"EBS VolumeSubnet",
"VPC",
"SQS Queue",
"SNS Topic"
],
"params": [
{
"name": "Key",
"type": "string",
"default": ""
}
],
"permissions": [
"ec2:DeleteTags",
"sns:UntagResource",
"sqs:UntagQueue"
]
},
{
"name": "workspaces_terminate_workspace",
"displayName": "Terminate Workspace",
"description": "Terminates a Running Workspace",
"resourceTypes": [
"Workspace"
],
"params": [],
"permissions": [
"workspaces:TerminateWorkspaces"
]
},
{
"name": "acl_delete",
"displayName": "Delete ACL",
"description": "Deletes an Access Control List",
"resourceTypes": [
"Network ACL"
],
"params": [],
"permissions": [
"ec2:DeleteNetworkAcl"
]
},
{
"name": "workspaces_stop_workspace",
"displayName": "Stop Workspace",
"description": "Stops a Workspace",
"resourceTypes": [
"Workspace"
],
"params": [],
"permissions": [
"workspaces:StopWorkspaces"
]
},
{
"name": "ec2_snapshot_instance",
"displayName": "Snapshot Instance",
"description": "Snapshots attached EBS Volumes",
"resourceTypes": [
"EC2 Instance"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:CreateSnapshots"
]
},
{
"name": "iam_disable_user_console_password",
"displayName": "Disable Console Access",
"description": "Disables a users console access, but leaves programmatic access intact",
"resourceTypes": [
"IAM User"
],
"params": [],
"permissions": [
"iam:DeleteLoginProfile"
]
},
{
"name": "lambda_detach_external_layers",
"displayName": "Remove Layers",
"description": "Removes Layers from a Lambda Function.",
"resourceTypes": [
"Lambda Function"
],
"params": [],
"permissions": [
"lambda:GetFunction",
"lambda:UpdateFunctionConfiguration",
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
]
},
{
"name": "add_tag",
"displayName": "Add Tag",
"description": "Adds a tag to a resource",
"resourceTypes": [
"Security Group",
"EC2 Instance",
"AMI",
"Internet Gateway",
"Network Acl",
"Network Interface",
"Route Table",
"EBS Snapshot",
"EBS Volume",
"Subnet",
"VPC",
"SNS Topic",
"SQS Queue"
],
"params": [
{
"name": "Key",
"type": "string",
"default": ""
},
{
"name": "Value",
"type": "string",
"default": ""
}
],
"permissions": [
"ec2:CreateTags",
"sns:TagResource",
"sqs:TagQueue",
"sqs:GetQueueUrl"
]
},
{
"name": "kms_enable_rotation",
"displayName": "Enable KMS Rotation",
"description": "Enables rotations of KMS Keys",
"resourceTypes": [
"Region"
],
"params": [
{
"name": "KMS Key Id",
"type": "string",
"default": ""
}
],
"permissions": [
"kms:EnableKeyRotation"
]
},
{
"name": "s3_allow_ssl_only",
"displayName": "S3 Enforce SSL",
"description": "Enforces SSL for object access",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:PutBucketPolicy"
]
},
{
"name": "ec2_delete_nat_gateway",
"displayName": "Delete NAT Gateway",
"description": "Deletes a specified NAT Gateway",
"resourceTypes": [
"NAT Gateway"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:DeleteNatGateway"
]
},
{
"name": "ecs_stop",
"displayName": "Stop ECS Cluster",
"description": "Stops ECS Cluster",
"resourceTypes": [
"ECS Cluster"
],
"params": [],
"permissions": [
"ecs:ListTasks",
"ecs:DescribeTasks",
"ecs:DescribeTaskDefinition",
"ecs:StopTask",
"ecs:UpdateContainerInstancesState"
]
},
{
"name": "ec2_terminate_instance",
"displayName": "Terminate Instance",
"description": "Terminates EC2 Instance",
"resourceTypes": [
"EC2 Instance"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
},
{
"name": "SnapShotBeforeTerminate",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:TerminateInstances"
]
},
{
"name": "rds_terminate_instance",
"displayName": "Delete RDS DB Instance",
"description": "Deletes an RDS DB Instance",
"resourceTypes": [
"RDS DB Instance"
],
"params": [
{
"name": "SkipSnapshot",
"type": "boolean",
"default": "false"
},
{
"name": "DeleteBackups",
"type": "boolean",
"default": "false"
}
],
"permissions": [
"rds:DeleteDBInstance"
]
},
{
"name": "dynamodb_delete_table",
"displayName": "Delete Dynamo DB Table",
"description": "Deletes a specified Dynamo DB Table",
"resourceTypes": [
"DynamoDB Table"
],
"params": [],
"permissions": [
"dynamodb:DeleteTable"
]
},
{
"name": "iam_revoke_access_key",
"displayName": "Revoke Access Key",
"description": "Revokes IAM User Access Keys",
"resourceTypes": [
"IAM User"
],
"params": [],
"permissions": [
"iam:ListAccessKeys",
"iam:UpdateAccessKey"
]
},
{
"name": "s3_enable_versioning",
"displayName": "Enable S3 Versioning",
"description": "Enables Object Versioning",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:PutBucketVersioning"
]
},
{
"name": "iam_user_detach_group",
"displayName": "Detach User from Group",
"description": "Detaches a user from a specified User Group",
"resourceTypes": [
"IAM User"
],
"params": [
{
"name": "Group",
"type": "string",
"default": ""
}
],
"permissions": [
"iam:RemoveUserFromGroup"
]
},
{
"name": "sg_delete_rules",
"displayName": "Delete Rules",
"description": "Removes all Egress and Ingress rules from a Security Group",
"resourceTypes": [
"Security Group"
],
"params": [],
"permissions": [
"ec2:DescribeSecurityGroups",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress"
]
},
{
"name": "iam_deactivate_unused_access_keys",
"displayName": "Deactivate Keys",
"description": "Deactivates Unused Access Keys",
"resourceTypes": [
"IAM User"
],
"params": [
{
"name": "MaxDaysUsed",
"type": "number",
"default": "90"
}
],
"permissions": [
"iam:ListAccessKeys",
"iam:UpdateAccessKey",
"iam:GetAccessKeyLastUsed"
]
},
{
"name": "lambda_disable",
"displayName": "Disable Lambda",
"description": "Disables a Lambda from Executing",
"resourceTypes": [
"Lambda Function"
],
"params": [],
"permissions": [
"lambda:PutFunctionConcurrency"
]
},
{
"name": "ec2_delete_key_pair",
"displayName": "Delete EC2 Key Pair",
"description": "Deletes a specified EC2 Key Pair",
"resourceTypes": [
"EC2 Instance"
],
"params": [
{
"name": "Key Name",
"type": "string"
}
],
"permissions": [
"ec2:DeleteKeyPair"
]
},
{
"name": "s3_delete_permissions",
"displayName": "Delete S3 Permissions",
"description": "Deletes all ACLs and Bucket Policies from an S3 bucket",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:DeleteBucketPolicy",
"s3:PutBucketAcl"
]
},
{
"name": "s3_enable_logging",
"displayName": "Enable Access Logging",
"description": "Enables Access Logging for S3 Buckets",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:ListBucket",
"s3:CreateBucket",
"s3:PutBucketLogging"
]
},
{
"name": "redshift_delete_cluster",
"displayName": "Delete Redshift Cluster",
"description": "Deletes a Redshift Cluster",
"resourceTypes": [
"Redshift Cluster"
],
"params": [
{
"name": "SkipSnapshot",
"type": "boolean",
"default": "false"
}
],
"permissions": [
"redshift:DeleteCluster"
]
},
{
"name": "s3_delete_acls",
"displayName": "Delete S3 ACLs",
"description": "Deletes S3 Bucket Access Control Lists",
"resourceTypes": [
"S3 Bucket"
],
"params": [],
"permissions": [
"s3:PutBucketAcl"
]
},
{
"name": "workspaces_start_workspace",
"displayName": "Start Workspace",
"description": "Starts a Workspace",
"resourceTypes": [
"Workspace"
],
"params": [],
"permissions": [
"workspaces:StartWorkspaces"
]
},
{
"name": "rds_aurora_delete_cluster",
"displayName": "Delete Aurora Cluster",
"description": "Deletes and Aurora DB Cluster",
"resourceTypes": [
"Aurora DB Cluster"
],
"params": [
{
"name": "SkipAuroraSnapshot",
"type": "boolean",
"default": "false"
}
],
"permissions": [
"rds:DeleteDBCluster",
"rds:DescribeDBClusters",
"rds:ModifyDBCluster"
]
},
{
"name": "ec2_delete_snapshot",
"displayName": "Delete EBS Snapshot",
"description": "Deletes a specified EBS Snapshot",
"resourceTypes": [
"EBS Snapshot"
],
"params": [
{
"name": "DryRun",
"type": "boolean",
"default": "true"
}
],
"permissions": [
"ec2:DeleteSnapshot"
]
},
{
"name": "iam_force_user_password_change",
"displayName": "Force Password Change",
"description": "Forces user to change their password on next login",
"resourceTypes": [
"IAM User"
],
"params": [],
"permissions": [
"iam:UpdateLoginProfile"
]
}
]
}
Azure
{
"automations": [
{
"name": "vm_stop",
"displayName": "Stop VM",
"description": "Stops (Pauses) a Virtual Machine. Charges are still incurred for allocated resources such as IP addresses",
"resourceTypes": [
"Virtual Machine"
],
"params": [],
"permissions": []
},
{
"name": "vm_delete",
"displayName": "Delete VM",
"description": "Delete a Virtual Machine",
"resourceTypes": [
"Virtual Machine"
],
"params": [],
"permissions": []
},
{
"name": "vm_start",
"displayName": "Start VM",
"description": "Start a Virtual Machine",
"resourceTypes": [
"Virtual Machine"
],
"params": [],
"permissions": []
},
{
"name": "vm_deallocate",
"displayName": "Stop (Deallocate) VM",
"description": "Shuts down the virtual machine and releases the compute resources. Charges are no longer incurred by this VM",
"resourceTypes": [
"Virtual Machine"
],
"params": [],
"permissions": []
},
{
"name": "image_delete",
"displayName": "Delete Image",
"description": "Deletes an Image",
"resourceTypes": [
"Image"
],
"params": [],
"permissions": []
}
]
}
