aws_compliance

AWS Compliance

This control checks if AWS Simple Storage Service (AWS S3) buckets have lifecycle policy configured. This rule fails if AWS S3 lifecycle policy is not enabled.

s3_bucket_lifecycle_policy_enabled

pci_dss_v321_requirement_10_7_a

10.7.a Examine security policies and procedures to verify that they define audit log retention policies and procedures for retaining audit logs for at least one year, with a minimum of three months immediately available online

gxp_21_cfr_part_11_11_10_c

11.10(c) Protection of records to enable their accurate and ready retrieval throughout the records retention period

pci_dss_v321_requirement_3_1_a

3.1.a Examine the data retention and disposal policies, procedures and processes to verify they satisfy all the requirements for cardholder data (CHD) storage

pci_dss_v321_requirement_3_2_c

3.2.c For all other entities, if sensitive authentication data is received, review policies and procedures, and examine system configurations to verify the data is not retained after authorization

soc_2_c_1_2

C1.2 The entity disposes of confidential information to meet the entity’s objectives related to confidentiality

nist_csf_id_be_5

ID.BE-5

nist_csf_pr_ds_4

PR.DS-4

nist_csf_pr_ip_4

PR.IP-4

nist_csf_pr_pt_5

PR.PT-5

nist_csf_rc_rp_1

RC.RP-1

all_controls_s3

S3 buckets should have lifecycle policies configured

foundational_security_s3_13

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: S3 buckets should have lifecycle policies configured

Description

Usage

SQL

Tags