S3 Bucket

Simple Storage Service (S3) Bucket

Resource Type

AWS.S3.Bucket

Resource ID Format

For S3 Buckets, the resource ID is the ARN.

arn:aws:s3:::example-bucket

Background

S3 is an object storage service offered by AWS for organization of data.

Fields

Field

Type

Description

Grants

List

What users, groups, or roles have been granted access to this S3 bucket and what access they have been granted.

LifecycleRules

List

Rules for managing the expiration and archival of data.

EncryptionRules

List

Rules for encrypting the S3 bucket.

LoggingPolicy

Map

Describes where access logs are stored.

MFADelete

String

Indicates if MFA delete is Enabled on the bucket or not. If not, this value will be blank.

ObjectLockConfiguration

Map

These configuration options prevent an object from being deleted or overwritten for a specified amount of time.

Owner

Map

Information on the Bucket owner.

Policy

String

The IAM policy attached to the bucket.

Versioning

String

`ENABLED

SUSPENDED`

PublicAccessBlockConfiguration

Map

Indicates how the S3 bucket's Block Public Access settings are configured.

Example

{
"AccountId": "123456789012",
"Arn": "arn:aws:s3:::example-bucket",
"EncryptionRules": [
{
"ApplyServerSideEncryptionByDefault": {
"KMSMasterKeyID": "1",
"SSEAlgorithm": "aws:kms"
}
}
],
"Grants": [
{
"Grantee": {
"DisplayName": "example.user",
"EmailAddress": null,
"ID": "1",
"Type": "CanonicalUser",
"URI": null
},
"Permission": "FULL_CONTROL"
}
],
"LifecycleRules": [
{
"AbortIncompleteMultipartUpload": null,
"Expiration": null,
"Filter": {
"And": null,
"Prefix": null,
"Tag": null
},
"ID": "1",
"NoncurrentVersionExpiration": {
"NoncurrentDays": 365
},
"NoncurrentVersionTransitions": null,
"Prefix": null,
"Status": "Enabled",
"Transitions": null
}
],
"LoggingPolicy": {
"TargetBucket": "example-bucket-2",
"TargetGrants": null,
"TargetPrefix": "/"
},
"MFADelete": null,
"Name": "example-bucket",
"ObjectLockConfiguration": null,
"Owner": {
"DisplayName": "example.user",
"ID": "1"
},
"Policy": null,
"PublicAccessBlockConfiguration": {
"BlockPublicAcls": true,
"BlockPublicPolicy": true,
"IgnorePublicAcls": true,
"RestrictPublicBuckets": true
},
"Region": "us-west-2",
"ResourceId": "arn:aws:s3:::example-bucket",
"ResourceType": "AWS.S3.Bucket",
"Tags": {
"Key1": "Value1",
"Key2": "Value2"
},
"TimeCreated": "2019-01-01T00:00:00.000Z",
"Versioning": "Enabled"
}