(aws-cdk): (cdk deploys S3 buckets that don't comply with Security Hub compliance packs) #21868
Labels
@aws-cdk/aws-s3
Related to Amazon S3
bug
This issue is a bug.
cause/not-a-bug
Not a bug (might still be a documentation issue, might still need work)
Describe the bug
We have several Security Hub issues for S3 buckets created when deploying with the CDK with title
S3.13 S3 buckets should have lifecycle policies configured
(https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-s3-13).
Expected Behavior
I would expect S3 buckets CDK deploys to enforce definitions for lifecycle policies to avoid breaching Security Hub policies.
Current Behavior
They do not have lifecycle policies defined OOB.
Reproduction Steps
Possible Solution
Few options:
lifecyclePolicy prop required (this is probably overdoing it)
lifecyclePolicy parameter always defined
Additional Information/Context
No response
CDK CLI Version
2.35.0
Framework Version
No response
Node.js Version
v16.15.1
OS
MacOS
Language
Typescript
Language Version
No response
Other information
No response
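One way to catch this before deployment, as an added example that is not part of the original issue or the CDK code base: scan the CloudFormation template produced by `cdk synth` for `AWS::S3::Bucket` resources that have no enabled rule under `LifecycleConfiguration`. The function names, the sample template and the choice to treat disabled-only rule sets as a gap are assumptions of this example.

```typescript
interface CfnResource {
  Type: string;
  Properties?: Record<string, unknown>;
}
interface CfnTemplate {
  Resources?: Record<string, CfnResource>;
}

// True when the bucket declares at least one lifecycle rule with Status "Enabled".
// Counting disabled-only rule sets as missing is an assumption of this example.
function hasEnabledLifecycleRule(resource: CfnResource): boolean {
  const config = resource.Properties?.["LifecycleConfiguration"] as
    | { Rules?: unknown }
    | undefined;
  const rules = config?.Rules;
  if (!Array.isArray(rules)) return false;
  return rules.some(
    (rule) =>
      typeof rule === "object" && rule !== null &&
      (rule as { Status?: unknown }).Status === "Enabled"
  );
}

// Returns the sorted logical IDs of buckets that lack an enabled lifecycle rule.
function bucketsWithoutLifecycle(template: CfnTemplate): string[] {
  return Object.entries(template.Resources ?? {})
    .filter(([, res]) => res.Type === "AWS::S3::Bucket")
    .filter(([, res]) => !hasEnabledLifecycleRule(res))
    .map(([logicalId]) => logicalId)
    .sort();
}

// Constructed sample template; the logical IDs are made up for illustration.
const sampleTemplate: CfnTemplate = {
  Resources: {
    LogsBucket: { Type: "AWS::S3::Bucket" },
    DataBucket: {
      Type: "AWS::S3::Bucket",
      Properties: { LifecycleConfiguration: { Rules: [{ Status: "Enabled", ExpirationInDays: 365 }] } },
    },
    PausedBucket: {
      Type: "AWS::S3::Bucket",
      Properties: { LifecycleConfiguration: { Rules: [{ Status: "Disabled", ExpirationInDays: 30 }] } },
    },
    Queue: { Type: "AWS::SQS::Queue" },
  },
};
```

Calling `bucketsWithoutLifecycle` on the parsed template in CI and failing the build on a non-empty result surfaces the gap before Security Hub reports it.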