v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
32Dashboards
1295Controls
585Queries
4Variables
GitHub

Control: 13 S3 buckets should have lifecycle policies configured

Description

This control checks if a lifecycle policy is configured for an Amazon S3 bucket. This control fails if a lifecycle policy is not configured for an S3 bucket.

Configuring lifecycle rules on your S3 bucket defines actions that you want S3 to take during an object's lifetime. For example, you can transition objects to another storage class, archive them, or delete them after a specified period of time.

Remediation

For information about configuring lifecycle policies on an Amazon S3 bucket, see Setting lifecycle configuration on a bucket and see Managing your storage lifecycle in the Amazon S3 User Guide.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.foundational_security_s3_13

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.foundational_security_s3_13 --share

SQL

This control uses a named query:

s3_bucket_lifecycle_policy_enabled

Tags

aws_foundational_security = true
category = Compliance
foundational_security_category = data_protection
foundational_security_item_id = s3_13
plugin = aws
service = AWS/S3