Overview

A Config rule that checks that the access granted by the Amazon S3 bucket is restricted by any of the AWS principals, federated users, service principals, IP addresses, or VPCs that you provide. The rule is COMPLIANT if a bucket policy is not present.

Configuration Templates

Items: 1
Size: 0.7 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: s3-bucket-policy-grantee-check
      Description: >-
        A Config rule that checks that the access granted by the Amazon S3
        bucket is restricted by any of the AWS principals, federated users,
        service principals, IP addresses, or VPCs that you provide. The rule is
        COMPLIANT if a bucket policy is not present.
      Scope:
        ComplianceResourceTypes:
          - 'AWS::S3::Bucket'
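      InputParameters:
        # federatedUsers takes a comma-separated list of identity providers for
        # web identity federation; '3600' is not one, so set a real value (or
        # one of the other grantee parameters) before deploying.
        federatedUsers: '3600'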
      Source:
        Owner: AWS
        SourceIdentifier: S3_BUCKET_POLICY_GRANTEE_CHECK
Parameters: {}
Metadata: {}
Conditions: {}

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation: