Control: S3 directory buckets should have lifecycle configurations
Description
This control checks whether lifecycle rules are configured for an S3 directory bucket. The control fails if lifecycle rules aren't configured for the directory bucket, or a lifecycle rule for the bucket specifies expiration settings that don't match the parameter value that you optionally specify.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.s3_directory_bucket_lifecycle_policy_configured
Snapshot and share results via Turbot Pipes:
powerpipe login
powerpipe control run aws_compliance.control.s3_directory_bucket_lifecycle_policy_configured --share
SQL
This control uses a named query:
select
  arn as resource,
  case
    when lifecycle_rules is not null then 'ok'
    else 'alarm'
  end status,
  case
    when lifecycle_rules is not null then name || ' lifecycle policy configured.'
    else name || ' lifecycle policy not configured.'
  end reason,
  region,
  account_id
from
  aws_s3_directory_bucket;
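The named query reports 'ok' whenever lifecycle_rules is not null, while the description also mentions an optional expiration parameter. The following Python is an added example, not code from the mod: it applies both failure conditions from the description to lifecycle rules in the shape returned by the S3 GetBucketLifecycleConfiguration API. The function name, the target_days parameter, the sample bucket names and the decision to ignore disabled rules are assumptions made for illustration.

```python
from typing import Optional


def evaluate_lifecycle(name: str, rules: Optional[list],
                       target_days: Optional[int] = None) -> tuple:
    """Return (status, reason) for one directory bucket."""
    # Same condition as the named query; an empty rule list is also
    # treated as "not configured" here.
    if not rules:
        return "alarm", f"{name} lifecycle policy not configured."
    # Assumption: a rule with Status "Disabled" performs no action,
    # so it does not count as a configured lifecycle rule.
    enabled = [r for r in rules if r.get("Status") == "Enabled"]
    if not enabled:
        return "alarm", f"{name} has no enabled lifecycle rules."
    # Optional parameter from the description: any rule that sets an
    # expiration must match the expected number of days.
    if target_days is not None:
        for rule in enabled:
            days = rule.get("Expiration", {}).get("Days")
            if days is not None and days != target_days:
                return ("alarm", f"{name} rule {rule.get('ID', '?')} expires "
                        f"after {days} days, expected {target_days}.")
    return "ok", f"{name} lifecycle policy configured."


# Constructed sample data (not taken from a real account).
SAMPLE_BUCKETS = {
    "logs--use1-az4--x-s3": [
        {"ID": "expire-30", "Status": "Enabled", "Expiration": {"Days": 30}},
    ],
    "tmp--use1-az4--x-s3": [
        {"ID": "expire-90", "Status": "Disabled", "Expiration": {"Days": 90}},
    ],
    "uploads--use1-az4--x-s3": [
        {"ID": "abort-mpu", "Status": "Enabled",
         "AbortIncompleteMultipartUpload": {"DaysAfterInitiation": 7}},
    ],
    "scratch--use1-az4--x-s3": None,
}

if __name__ == "__main__":
    for bucket, rules in SAMPLE_BUCKETS.items():
        status, reason = evaluate_lifecycle(bucket, rules, target_days=7)
        print(f"{status:5} {reason}")
```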