Home
Pricing
Github
Slack Channel
Home
Quick Start
System Configuration
Data Onboarding
Writing Detections
Destinations
Data Analytics
Development
Help
Log Analysis
Overview
Rules
Supported Logs
Standard Fields
Cloud Security
Overview
Setup
Policies
Built-in Policy Runbooks
Automatic Remediation
Supported Resources
AWS
ACM Certificate
CloudFormation Stack
CloudWatch Log Group
CloudTrail
CloudTrail Meta
Config Recorder
Config Recorder Meta
DynamoDB Table
EC2 AMI
EC2 Instance
EC2 Network ACL
EC2 SecurityGroup
EC2 Volume
EC2 VPC
ECS Cluster
ELBV2 Application Load Balancer
GuardDuty Detector
GuardDuty Detector Meta
IAM Group
IAM Policy
IAM Role
IAM Root User
IAM User
KMS Key
Lambda Function
Password Policy
RDS Instance
Redshift Cluster
S3 Bucket
WAF Web ACL
Powered by GitBook

S3 Bucket

Simple Storage Service (S3) Bucket

Resource Type

AWS.S3.Bucket

Resource ID Format

For S3 Buckets, the resource ID is the ARN.

arn:aws:s3:::example-bucket

Background

S3 is an object storage service offered by AWS for organization of data.

Fields

Field

Type

Description

​

Grants

List

What users, groups, or roles have been granted access to this S3 bucket and what access they have been granted.

​

LifecycleRules

List

​Rules for managing the expiration and archival of data.

​

EncryptionRules

List

​Rules for encrypting the S3 bucket.

​

LoggingPolicy

Map

​Describes where access logs are stored.

​

MFADelete

String

Indicates if MFA delete is Enabled on the bucket or not. If not, this value will be blank.

​

ObjectLockConfiguration

Map

These configuration options prevent an object from being deleted or overwritten for a specified amount of time.

​

Owner

Map

​Information on the Bucket owner.

​

Policy

String

The IAM policy attached to the bucket.

​

Versioning

String

`ENABLED

SUSPENDED`

PublicAccessBlockConfiguration

Map

Indicates how the S3 bucket's Block Public Access settings are configured.

​

Example

{
    "AccountId": "123456789012",
    "Arn": "arn:aws:s3:::example-bucket",
    "EncryptionRules": [
        {
            "ApplyServerSideEncryptionByDefault": {
                "KMSMasterKeyID": "1",
                "SSEAlgorithm": "aws:kms"
            }
        }
    ],
    "Grants": [
        {
            "Grantee": {
                "DisplayName": "example.user",
                "EmailAddress": null,
                "ID": "1",
                "Type": "CanonicalUser",
                "URI": null
            },
            "Permission": "FULL_CONTROL"
        }
    ],
    "LifecycleRules": [
        {
            "AbortIncompleteMultipartUpload": null,
            "Expiration": null,
            "Filter": {
                "And": null,
                "Prefix": null,
                "Tag": null
            },
            "ID": "1",
            "NoncurrentVersionExpiration": {
                "NoncurrentDays": 365
            },
            "NoncurrentVersionTransitions": null,
            "Prefix": null,
            "Status": "Enabled",
            "Transitions": null
        }
    ],
    "LoggingPolicy": {
        "TargetBucket": "example-bucket-2",
        "TargetGrants": null,
        "TargetPrefix": "/"
    },
    "MFADelete": null,
    "Name": "example-bucket",
    "ObjectLockConfiguration": null,
    "Owner": {
        "DisplayName": "example.user",
        "ID": "1"
    },
    "Policy": null,
    "PublicAccessBlockConfiguration": {
        "BlockPublicAcls": true,
        "BlockPublicPolicy": true,
        "IgnorePublicAcls": true,
        "RestrictPublicBuckets": true
    },
    "Region": "us-west-2",
    "ResourceId": "arn:aws:s3:::example-bucket",
    "ResourceType": "AWS.S3.Bucket",
    "Tags": {
        "Key1": "Value1",
        "Key2": "Value2"
    },
    "TimeCreated": "2019-01-01T00:00:00.000Z",
    "Versioning": "Enabled"
}
Previous
Redshift Cluster
Next
WAF Web ACL
Last updated 2 months ago
Contents
Resource Type
Resource ID Format
Background
Fields
Example