You must be logged in to view saved presets
S3 Bucket Policy Grantee Check
A Config rule that checks that the access granted by the Amazon S3 bucket is restricted by any of the AWS principals, federated users, service principals, IP addresses, or VPCs that you provide. The rule is COMPLIANT if a bucket policy is not present.
This config rule supports the following parameters:
- awsPrincipals
- Required: No
- Type: CSV
- Description:Comma-separated list of principals such as IAM User ARNs, IAM Role ARNs and AWS accounts
- servicePrincipals
- Required: No
- Type: CSV
- Description:Comma-separated list of service principals
- federatedUsers
- Required: No
- Type: CSV
- Description:Comma-separated list of identity providers for web identity federation such as Amazon Cognito and SAML identity providers
- ipAddresses
- Required: No
- Type: CSV
- Description:Comma-separated list of CIDR formatted IP addresses
- vpcIds
- Required: No
- Type: CSV
- Description:Comma-separated list of Amazon Virtual Private Clouds (Amazon VPC) IDs
CloudFormation Template
© 2025 asecurecloud. All rights reserved.