Checks if S3 buckets are publicly accessible. The rule is NON_COMPLIANT if an S3 bucket is not listed in the `excludedPublicBuckets` parameter and bucket level settings are public.

This config rule supports the following parameters:

  • excludedPublicBuckets
    • Required: No
    • Type: CSV
    • Description:Comma-separated list of known allowed public Amazon S3 bucket names.

CloudFormation Template