turbot/aws_compliance

Query: s3_bucket_cross_region_replication_enabled

Usage

powerpipe query aws_compliance.query.s3_bucket_cross_region_replication_enabled

Steampipe Tables

SQL

with bucket_with_replication as (
select
name,
r ->> 'Status' as rep_status
from
aws_s3_bucket,
jsonb_array_elements(replication -> 'Rules') as r
)
select
b.arn as resource,
case
when b.name = r.name
and r.rep_status = 'Enabled' then 'ok'
else 'alarm'
end as status,
case
when b.name = r.name
and r.rep_status = 'Enabled' then b.title || ' enabled with cross-region replication.'
else b.title || ' not enabled with cross-region replication.'
end as reason,
b.region,
b.account_id
from
aws_s3_bucket b
left join bucket_with_replication r on b.name = r.name;

Controls

The query is being used by the following controls: