(aws-config): Add support for s3-bucket-level-public-access-prohibited managed rule in ManagedRuleIdentifiers class #18888

@sringel

Description

Currently, ManagedRuleIdentifiers doesn't support an identifier for the s3-bucket-level-public-access-prohibited managed rule (S3_BUCKET_LEVEL_PUBLIC_ACCESS_PROHIBITED). The documentation for this rule is here.

Use Case

I should be able to create the s3-bucket-level-public-access-prohibited managed rule through the CDK higher-level construct.

Proposed Solution

Add a constant to packages/@aws-cdk/aws-config/lib/rule.ts

  /**
   * Checks if Amazon Simple Storage Service (Amazon S3) buckets are publicly accessible. This rule is
   * NON_COMPLIANT if an Amazon S3 bucket is not listed in the excludedPublicBuckets parameter
   * and bucket level settings are public.
   * @see https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-level-public-access-prohibited.html
   */
  public static readonly S3_BUCKET_LEVEL_PUBLIC_ACCESS_PROHIBITED = 'S3_BUCKET_LEVEL_PUBLIC_ACCESS_PROHIBITED';

Metadata

Labels

@aws-cdk/aws-config: Related to AWS Config
effort/small: Small work item – less than a day of effort
feature-request: A feature should be added or improved.
good first issue: Related to contributions. See CONTRIBUTING.md
p2
