S3 Bucket Without Versioning
- Query id: 9232306a-f839-40aa-b3ef-b352001da9a5
- Query name: S3 Bucket Without Versioning
- Platform: Ansible
- Severity: Medium
- Category: Observability
- URL: Github
Description
S3 bucket should have versioning enabled
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
---
- name: foo
  amazon.aws.s3_bucket:
    name: mys3bucket
    policy: "{{ lookup('file','policy.json') }}"
    requester_pays: yes
    tags:
      example: tag1
      another: tag2
- name: foo2
  amazon.aws.s3_bucket:
    name: mys3bucket
    policy: "{{ lookup('file','policy.json') }}"
    requester_pays: yes
    versioning: no
    tags:
      example: tag1
      another: tag2
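
The sample above fails in two ways: `foo` never sets `versioning`, and `foo2` sets it to `no`. The following check for both cases is an added example, not the KICS query itself or code from this page. The task dicts are a constructed, already-parsed form of the sample playbook (module arguments assumed to be in dict form), and the compliant `foo3` task and all function names are assumptions.

```python
# Added example: flag Ansible s3_bucket tasks that leave versioning off.
# PLAYBOOK_TASKS is constructed: it mirrors what a YAML 1.1 loader returns
# for the sample playbook, plus an assumed compliant task ("foo3").

S3_MODULES = {"amazon.aws.s3_bucket", "s3_bucket"}  # FQCN and short name
TRUTHY = {"yes", "true", "on", "1", "y", "t"}  # Ansible-style boolean strings


def versioning_enabled(value):
    """Interpret a versioning value the way Ansible coerces booleans."""
    if isinstance(value, bool):
        return value
    if isinstance(value, int):
        return value == 1
    return str(value).strip().lower() in TRUTHY


def find_unversioned_buckets(tasks):
    """Return (task name, reason) for each s3_bucket task without versioning."""
    findings = []
    for task in tasks:
        for module in task.keys() & S3_MODULES:
            args = task[module] or {}  # assumes dict-style module arguments
            if "versioning" not in args:
                findings.append((task.get("name"), "versioning is undefined"))
            elif not versioning_enabled(args["versioning"]):
                findings.append((task.get("name"), "versioning is disabled"))
    return findings


PLAYBOOK_TASKS = [
    # "foo": versioning attribute missing entirely
    {"name": "foo", "amazon.aws.s3_bucket": {"name": "mys3bucket", "requester_pays": True}},
    # "foo2": YAML `versioning: no` loads as False
    {"name": "foo2", "amazon.aws.s3_bucket": {"name": "mys3bucket", "versioning": False}},
    # "foo3": assumed compliant task with `versioning: yes`
    {"name": "foo3", "amazon.aws.s3_bucket": {"name": "mys3bucket", "versioning": True}},
]

if __name__ == "__main__":
    for name, reason in find_unversioned_buckets(PLAYBOOK_TASKS):
        print(f"{name}: {reason}")
```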