1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
Try this, let me know if this resolves your issue.
SCP: Restrict S3 uploads
Prevent uploads of unencrypted S3 objects.
{
"Sid": "DenyUnencryptedS3Uploads",
"Effect": "Deny",
"Action": "s3:PutObject",
"Resource": "*",
"Condition": {
"StringNotLike": {
"s3:x-amz-server-side-encryption": ["aws:kms", "AES256"]
},
"Null": {
"s3:x-amz-server-side-encryption": "false"
}
}
}
]
}
répondu il y a un an
Contenus pertinents
- demandé il y a un an
- demandé il y a un mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 2 ans
No this is not what i asked, i want to add an exemption when a bucket has a tag "exempted": "yes". When the tag is added to bucket i would like to NOT enforce this SCP
Yes the policy itself is working and preventing any non-encrypted uploads, but now i am trying to see if i can add an exemption