Control: S3 bucket lifecycle configuration should abort incomplete multipart uploads
Description
Ensure that the S3 lifecycle configuration includes a rule to set a specific period for automatically aborting failed uploads.
Usage
Run the control in your terminal:
powerpipe control run terraform_aws_compliance.control.s3_bucket_abort_incomplete_multipart_upload_enabled
Snapshot and share results via Turbot Pipes:
powerpipe login
powerpipe control run terraform_aws_compliance.control.s3_bucket_abort_incomplete_multipart_upload_enabled --share
SQL
This control uses a named query:
with lifecycle_configuration_with_abort_incomplete_multipart_upload as (
  select
    concat(address) as name
  from
    terraform_resource,
    jsonb_array_elements(attributes_std -> 'rule') as r
  where
    r ->> 'id' = 'AbortIncompleteMultipartUploadRule'
    and r ->> 'status' = 'Enabled'
    and type = 'aws_s3_bucket_lifecycle_configuration'
)
select
  r.address as resource,
  case
    when u.name is not null then 'ok'
    else 'alarm'
  end as status,
  split_part(r.address, '.', 2) || case
    when u.name is not null then ' has abort incomplete multipart upload enabled'
    else ' has abort incomplete multipart upload disabled'
  end || '.' as reason
  , path || ':' || start_line
from
  terraform_resource as r
  left join lifecycle_configuration_with_abort_incomplete_multipart_upload as u on u.name = r.address
where
  r.type = 'aws_s3_bucket_lifecycle_configuration';
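The Terraform below is an added example, not part of the Powerpipe mod. Going by the `id` and `status` conditions in the query's where clause, the first resource is reported as ok and the second as alarm, even though the second also declares abort rules. Bucket names, resource names and the 7-day and 365-day periods are constructed assumptions.

```hcl
# Constructed example: bucket and resource names are assumptions.

# Reported as ok: one rule has the exact id the query looks for
# and status = "Enabled".
resource "aws_s3_bucket_lifecycle_configuration" "uploads" {
  bucket = "example-uploads"

  rule {
    id     = "AbortIncompleteMultipartUploadRule"
    status = "Enabled"
    filter {}
    abort_incomplete_multipart_upload {
      days_after_initiation = 7
    }
  }

  rule {
    id     = "ExpireOldObjects"
    status = "Enabled"
    filter {}
    expiration {
      days = 365
    }
  }
}

# Reported as alarm: no rule has both the expected id and Enabled status.
resource "aws_s3_bucket_lifecycle_configuration" "logs" {
  bucket = "example-logs"

  rule {
    id     = "cleanup-multipart" # aborts uploads, but the id differs
    status = "Enabled"
    filter {}
    abort_incomplete_multipart_upload {
      days_after_initiation = 7
    }
  }

  rule {
    id     = "AbortIncompleteMultipartUploadRule"
    status = "Disabled" # expected id, but the rule is switched off
    filter {}
    abort_incomplete_multipart_upload {
      days_after_initiation = 7
    }
  }
}
```

Because the query keys on the rule `id` string and does not inspect the `abort_incomplete_multipart_upload` block, a rule named differently needs renaming to pass, and a passing result should still be reviewed to confirm the block is present.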