2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
Just a stab. Is there a typo in the ARN, missing the slash?
"Resource": "arn:aws:s3:::my-bucket*",
Should be:
"Resource": "arn:aws:s3:::my-bucket/*",
0
Thanks,
That full policy is actually a copy/paste when you lock it down in CloudFront. There is a simple button that says to copy the policy, and I did check and that is correct under resource;
"Resource": "arn:aws:s3:::mybucket/*",
I may have messed up when I renamed to post, but good thought. I have 4 identical buckets, I marked 2 as resolved and they are no longer showing in the security hub listing, but the other 2 still show (and say last seen an hour ago), so I am wondering if I really just need to mark them (that would be terrible), but going to test that now.
Will advise
con risposta 3 mesi fa