I am facing an issue while adding super linter in the git actions for my terraform files.
The terrascan present in the super linter is giving the following error:
```
results:
  violations:
    - rule_name: s3EnforceUserACL
      description: S3 bucket Access is allowed to all AWS Account Users.
      rule_id: AWS.S3Bucket.DS.High.1043
      severity: HIGH
      category: S3
      resource_name: <resource_name>
      resource_type: aws_s3_bucket
      file: main.tf
      line: 38
  count:
    low: 0
    medium: 0
    high: 1
    total: 1
```
My terraform code for this s3 is
```
resource "aws_s3_bucket" "bucket" {
  bucket        = <BUCKER_NAME>
  acl           = "private"
  force_destroy = true

  versioning {
    enabled = true
  }
}

resource "aws_s3_bucket_public_access_block" "bucket_access" {
  bucket                  = aws_s3_bucket.bucket.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}
```
Not getting any details for the error on the terrascan documents. Any help is appreciated, Thanks :)
You need to specify the Bucket Policy, either by:

- `aws_s3_bucket.policy` parameter (so-called inline policy, note that this will skip the whole policy analysis)
- `aws_s3_bucket_policy` dedicated resource

Reference: s3EnforceUserACL.rego
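
The dedicated-resource option from the answer above, sketched against the question's `aws_s3_bucket.bucket` as an added example (not code from the question or the answer). The resource name `bucket_policy` and the deny-non-TLS statement are assumptions chosen for illustration; use the policy your bucket actually needs, and re-run Terrascan to confirm how the rule evaluates it.

```hcl
# Added example: attaches an explicit bucket policy through the dedicated
# aws_s3_bucket_policy resource instead of the inline "policy" argument.
# The name "bucket_policy" and the statement contents are assumptions.
resource "aws_s3_bucket_policy" "bucket_policy" {
  bucket = aws_s3_bucket.bucket.id

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        # Deny any request that does not arrive over TLS.
        Sid       = "DenyInsecureTransport"
        Effect    = "Deny"
        Principal = "*"
        Action    = "s3:*"
        Resource = [
          aws_s3_bucket.bucket.arn,
          "${aws_s3_bucket.bucket.arn}/*",
        ]
        Condition = {
          Bool = { "aws:SecureTransport" = "false" }
        }
      }
    ]
  })

  # Create the policy after the public access block so the two
  # bucket-level changes are applied one after the other.
  depends_on = [aws_s3_bucket_public_access_block.bucket_access]
}
```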