Disabled versioning is detected for AWS S3 object. Make sure that versioning is enabled for AWS S3 object.
1resource "aws_s3_bucket" "exampletest" {
2 bucket = "pike-680235478471"
3 expected_bucket_owner = "680235478471"
4 # Noncompliant: S3 bucket have versioning disabled.
5 versioning {
6 enabled = false
7 }
8 server_side_encryption_configuration {
9 rule {
10 apply_server_side_encryption_by_default {
11 kms_master_key_id = aws_kms_key.mykey.arn
12 sse_algorithm = var.bla
13 }
14 }
15 }
16 replication_configuration {
17 role = aws_iam_role.replication.arn
18
19 rules {
20 id = "foobar"
21 status = var.replication_enabled
22
23 filter {
24 tags = {}
25 }
26 destination {
27 bucket = aws_s3_bucket.destination.arn
28 storage_class = "STANDARD"
29
30 replication_time {
31 status = "Enabled"
32 minutes = 15
33 }
34
35 metrics {
36 status = "Enabled"
37 minutes = 15
38 }
39 }
40 }
41 }
42}
43resource "aws_s3_bucket_logging" "example" {
44 bucket = aws_s3_bucket.exampletest.id
45 target_bucket = aws_s3_bucket.exampletest.id
46 target_prefix = "log/"
47}
48resource "aws_s3_bucket_public_access_block" "access_good_1" {
49 bucket = aws_s3_bucket.exampletest.id
50
51 block_public_acls = true
52 block_public_policy = true
53 ignore_public_acls = true
54 restrict_public_buckets = true
55}
56resource "aws_s3_bucket_lifecycle_configuration" "pass" {
57 bucket = aws_s3_bucket.exampletest.id
58
59 rule {
60 abort_incomplete_multipart_upload {
61 days_after_initiation = 7
62 }
63 filter {}
64 id = "log"
65 status = "Enabled"
66 }
67}
68resource "aws_s3_bucket_notification" "bucket_notification" {
69 bucket = aws_s3_bucket.exampletest.id
70
71 topic {
72 topic_arn = aws_sns_topic.topic.arn
73 events = ["s3:ObjectCreated:*"]
74 filter_suffix = ".log"
75 }
76}
1resource "aws_s3_bucket" "exampletest" {
2 bucket = "pike-680235478471"
3 expected_bucket_owner = "680235478471"
4 # Compliant: S3 bucket have versioning enabled.
5 versioning {
6 enabled = true
7 }
8 server_side_encryption_configuration {
9 rule {
10 apply_server_side_encryption_by_default {
11 kms_master_key_id = aws_kms_key.mykey.arn
12 sse_algorithm = var.bla
13 }
14 }
15 }
16 replication_configuration {
17 role = aws_iam_role.replication.arn
18
19 rules {
20 id = "foobar"
21 status = var.replication_enabled
22
23 filter {
24 tags = {}
25 }
26 destination {
27 bucket = aws_s3_bucket.destination.arn
28 storage_class = "STANDARD"
29
30 replication_time {
31 status = "Enabled"
32 minutes = 15
33 }
34
35 metrics {
36 status = "Enabled"
37 minutes = 15
38 }
39 }
40 }
41 }
42}
43resource "aws_s3_bucket_logging" "example" {
44 bucket = aws_s3_bucket.exampletest.id
45 target_bucket = aws_s3_bucket.exampletest.id
46 target_prefix = "log/"
47}
48resource "aws_s3_bucket_public_access_block" "access_good_1" {
49 bucket = aws_s3_bucket.exampletest.id
50
51 block_public_acls = true
52 block_public_policy = true
53 ignore_public_acls = true
54 restrict_public_buckets = true
55}
56resource "aws_s3_bucket_lifecycle_configuration" "pass" {
57 bucket = aws_s3_bucket.exampletest.id
58
59 rule {
60 abort_incomplete_multipart_upload {
61 days_after_initiation = 7
62 }
63 filter {}
64 id = "log"
65 status = "Enabled"
66 }
67}
68resource "aws_s3_bucket_notification" "bucket_notification" {
69 bucket = aws_s3_bucket.exampletest.id
70
71 topic {
72 topic_arn = aws_sns_topic.topic.arn
73 events = ["s3:ObjectCreated:*"]
74 filter_suffix = ".log"
75 }
76}