- Audit
- Storage Audit
Checks performed
- Bucket Versioning Should Be Enabled
- Bucket Logging Should Be Enabled
- Bucket Should Not Allow Global Access
- Buckets Should Have Uniform Access
- Storage Bucket Logs Should Not be Publicly Accessible
- Buckets Should Be Encrypted Using Customer Managed Keys (CMKs)
- Buckets Should Not Allow All Users to Write
- Buckets Should Not Allow All Authenticated Users to Write
- Buckets Should Not Allow Public Ownership
- Buckets Should Not Allow All Authenticated Users Ownership
- Buckets Should Not Allow All Users Reads
- Buckets Should Not Allow All Authenticated User Reads
- Buckets Should Have DNS Compliant Names
- Storage Buckets Should Have A Retention Policy Defined
- Buckets Should Have Lifecycle Rules Configured
- List All Buckets which have Website Configuration (Informational)
- Retention Policy Must Be Locked with a Specified Minimum Duration