I am writing a cloud custodian policy to find the s3 buckets which are not encrypted on creation- send an email to slack for 5 days- then encrypt on the 6th day. I have figured out the component on emailing to slack. But not able to put the logic to mark the S3 bucket for encryption and then encrypt on current date. Any help is appreciated
Related Questions in AMAZON-S3
- Mocking AmazonS3 listObjects function in scala
- S3 integration testing
- Error **net::ERR_CONNECTION_RESET** error while uploading files to AWS S3 using multipart upload and Pre-Signed URL
- Golang lambda upload image into s3 static website
- How to take first x seconds of Audio from a wav file read from AWS S3 as binary stream using Python?
- AWS Lambda Trigger For Same S3 File Name In Quick Succession
- Is there a way to upload a file in digital ocean object storage using php curl
- How to setup AWS credentials for next.js apps?
- S3 pre-signed url not working on whatsapp cloud Api
- How to set custom Origin Name in AWS CDK for CloudFront
- Property 'location' does not exist on type 'File'
- Resource handler returned message: "Unable to validate the following destination configurations
- Webmin CentOS7 AWS backup errors - perl(S3::AWSAuthConnection) can't be installed
- How to access variable to pass through url_for() as src in Flask App
- I cant figure out how to pull scripts from s3 to my aws workspace
Related Questions in AWS-LAMBDA
- Query parameter works fine with fastapi application when tested locally but not working when the FastAPI application is deployed on AWS lambda
- Lambda endpoint for the Google OAuth callback does not recieve the access_token
- Golang lambda upload image into s3 static website
- Unable to run Bash Script using AWS Custom Lambda Runtime
- Call an External API from AWS Lambda
- AWS Lambda Trigger For Same S3 File Name In Quick Succession
- Trouble Extracting Request Body in Flask-Lambda Application Deployed on AWS Lambda via AWS SAM
- S3 pre-signed url not working on whatsapp cloud Api
- 'Load failed' error when trying to create a function in AWS lambda
- Using Python CDK to bundle dotnet 8 code to AWS Lambda function
- AWS WebSocket API return forbidden (403) error when sending message
- Pass integer value in json serializable Python Object
- AWS Lambda successfully called with 'Function URL', but not with 'API Gateway'
- How do I create a *clean* AWS lambda function in python?
- Laravel Vapor Queue Dynamic DB Connection Issue for Different Requests
Related Questions in POLICY
- Error when creating cedar template-linked policy using CloudFormation
- Multiple commands produce while adding Target
- GCP IAM Policy revoked all access
- Changing users's passwords on Hashicorp Vault
- Refused to frame 'https://github.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'"
- AWS-cloudformation: Resource handler returned message: "An ARN in the specified key policy is invalid. "
- Preventing Merge and Branch your own code on TFS
- Custom Authorization Policy User.Identity.Name is null
- Does using IAM policy with the following permission allow the user / group / role to do anything withing the aws account?
- Limit container restart time(or count) inside a pod (deployment)
- Cordova was listed on the list of requirements for third-party SDKs announced by Apple. How can we get Privacy Manifest file or create it?
- Azure Policy - deny changes via user interface
- bicep template to deploy Azure recoveryservicesvault with policytype 'Enhanced'
- Azure APIM- Custom policy file applying in different scopes idempotently
- Azure Policy Tag add tag if missing
Related Questions in CLOUDCUSTODIAN
- How to add cloud custodian policies as AWS lambda functions?
- How can I send email notification via SNS using cloud custodian
- Cloud Custodian c7n - Policy to count RDS instances greater than 3
- custodian object not found exception
- Cloud custodian policy and rds instance count for clusters
- How to set the python runtime on AWS when using c7n-org to create custodian rule
- Containerize cloud custodian lambda in AWS to tag RDS instance
- GCP-Audit Cloud Custodian
- JMESPath query with CloudCustodian filter Key for ec2 ami
- Target specific buckets for applying cloud custodian policy
- Cloud Custodian Policy action not working - ec2 start
- generate random string in cloud custodian policy
- Creating a webhook Cloud Custodian action to post a slack message in a channel
- How to get hidden fields from AWS Resource in Cloud Custodian policy
- Running a K8s pod to support python virtual env
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Consider using lambda as a custom AWS Config Rule, or create a lambda that is triggered off a compliance change to the standard rule: S3 bucket encryption is enabled.
For either, the lambda identifies the bucket and applies the encryption setting.
The tricky part is applying this on the 6th day. Applying immediately would provide better enforcement of the policy. To do this will require separate storage of the bucket ARN and the date to apply the encryption setting and a scheduler to run the function that either sends another Slack message or applies encryption.
For the first approach there is documentation for creating custom rules:
For the second approach, create a CloudWatch rule with