Benchmark: S3
Description
This benchmark provides a set of controls that detect Terraform AWS S3 resources deviating from security best practices.
Usage
Browse dashboards and select S3:
steampipe dashboard
Or run the benchmarks in your terminal:
steampipe check terraform_aws_compliance.benchmark.s3
Snapshot and share results via Steampipe Cloud:
steampipe login
steampipe check --share terraform_aws_compliance.benchmark.s3
Controls
- S3 bucket cross-region replication should be enabled
- S3 bucket default encryption should be enabled with KMS
- S3 bucket default encryption should be enabled
- S3 bucket logging should be enabled
- Ensure MFA Delete is enabled on S3 buckets
- S3 bucket object lock should be enabled
- S3 Block Public Access setting should be enabled at the bucket level
- S3 bucket versioning should be enabled
- S3 public access should be blocked at account level