Overview

A Config rule that checks whether the required public access block settings are configured from account level. The rule is only NON_COMPLIANT when the fields set below do not match the corresponding fields in the configuration item.

Configuration Templates

Items
1
Size
0.9 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: s3-account-level-public-access-blocks
      Description: >-
        A Config rule that checks whether the required public access block
        settings are configured from account level. The rule is only
        NON_COMPLIANT when the fields set below do not match the corresponding
        fields in the configuration item.
      Scope:
        ComplianceResourceTypes:
          - 'AWS::S3::AccountPublicAccessBlock'
      InputParameters:
        IgnorePublicAcls: 'True'
        BlockPublicPolicy: 'True'
        BlockPublicAcls: 'True'
        RestrictPublicBuckets: 'True'
      Source:
        Owner: AWS
        SourceIdentifier: S3_ACCOUNT_LEVEL_PUBLIC_ACCESS_BLOCKS
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Template

Rule Parameters

 
* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation:

© 2020 asecurecloud Inc. All Rights Reserved.