Skip to main content

Configure S3 Buckets should use encryption

  1. Configure S3 Buckets should use encryption
  2. Use Case for S3 Buckets should use encryption
  3. Triage Guides by Violation Type
    1. Triage S3 Buckets should use encryption DEFAULT_ENCRYPTION_DISABLED

How do I enable this policy?

Signature:
Type: Pyrae::Policy::PolicyDocument::Signatory
Properties:
SignatureTeamUrn: { "PyRef": "PyraeTeam" }
PolicyUrn: "urn:pyrae:policy:us-west-2:sAutx4ZxiqTJUzJdvky2km:policy/s3BucketEncryptionPolicy"

What permissions does this policy require in my AWS account?

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetEncryptionConfiguration",
"s3:GetBucketLocation"
],
"Resource": "*"
}
]
}

What resources match this policy?

Type: Pyrae::Observer::MatchingRule
Properties:
MatchAccountType: aws
MatchUrnService: s3