A Config rule that checks that the access granted by the Amazon S3 bucket is restricted by any of the AWS principals, federated users, service principals, IP addresses, or VPCs that you provide. The rule is COMPLIANT if a bucket policy is not present.
This Config rule supports the following parameters:
awsPrincipals
Required: No
Type: CSV
Description: Comma-separated list of principals such as IAM User ARNs, IAM Role ARNs and AWS accounts
servicePrincipals
Required: No
Type: CSV
Description: Comma-separated list of service principals
federatedUsers
Required: No
Type: CSV
Description: Comma-separated list of identity providers for web identity federation such as Amazon Cognito and SAML identity providers
ipAddresses
Required: No
Type: CSV
Description: Comma-separated list of CIDR formatted IP addresses
vpcIds
Required: No
Type: CSV
Description: Comma-separated list of Amazon Virtual Private Cloud (Amazon VPC) IDs
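
The following added example (not AWS's implementation of the rule) is a simplified local pre-check that applies the parameters above to a bucket policy document before it is deployed. The function names, the sample values, the handling of only `IpAddress`/`aws:SourceIp` and `StringEquals`/`aws:SourceVpc` conditions, and the treatment of wildcard principals are assumptions of this example.

```python
import ipaddress
import json

# Constructed sample values (placeholder account ID, bucket and documentation CIDR).
SAMPLE_PARAMS = {"awsPrincipals": "arn:aws:iam::111122223333:role/app",
                 "ipAddresses": "203.0.113.0/24"}
SAMPLE_POLICY = json.dumps({"Statement": [{
    "Effect": "Allow", "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-bucket/*",
    "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"}}]})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _csv(params, key):
    # Rule parameters are CSV strings; a parameter that is not set allows nothing.
    return {v.strip() for v in params.get(key, "").split(",") if v.strip()}

def _ip_allowed(cidr, nets):
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == n.version and net.subnet_of(n) for n in nets)

def evaluate_bucket_policy(policy_json, params):
    """Return 'COMPLIANT' or 'NON_COMPLIANT'; policy_json=None means no bucket policy."""
    if not policy_json:
        return "COMPLIANT"  # stated on the page: no bucket policy is COMPLIANT
    allowed = {"AWS": _csv(params, "awsPrincipals"),
               "Service": _csv(params, "servicePrincipals"),
               "Federated": _csv(params, "federatedUsers")}
    nets = [ipaddress.ip_network(c, strict=False) for c in _csv(params, "ipAddresses")]
    vpcs = _csv(params, "vpcIds")
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # only statements that grant access are checked
        principal = stmt.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}
        cond = stmt.get("Condition", {})
        ips = _as_list(cond.get("IpAddress", {}).get("aws:SourceIp", []))
        src_vpcs = _as_list(cond.get("StringEquals", {}).get("aws:SourceVpc", []))
        if not all(_ip_allowed(i, nets) for i in ips) or not all(v in vpcs for v in src_vpcs):
            return "NON_COMPLIANT"  # source range or VPC is not on the allowlist
        for kind, values in principal.items():
            for value in _as_list(values):
                # Assumption: "*" is accepted only if narrowed to a listed IP range or VPC.
                ok = bool(ips or src_vpcs) if value == "*" else value in allowed.get(kind, set())
                if not ok:
                    return "NON_COMPLIANT"
    return "COMPLIANT"
```
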