AWS S3 bucket Terraform module
Upstream version 5.14.0
7 controls from ACSC Essential Eight requirements
Terraform Module Source
acscessentialeight.compliance.tf/terraform-aws-modules/s3-bucket/awsBehavioral Summary
This module modifies 3 variable defaults and makes 0 resource changes from the upstream module. All changes are driven by compliance controls and can be reviewed in detail below.
Your Code Impact
If you are migrating from the upstream module, the enforced default changes mean your existing configurations will automatically gain compliance controls. Variables you have explicitly set will continue to use your values. Review the diff below to understand exactly what changes.
Compared to
terraform-aws-modules/s3-bucket/aws@5.14.03 changesVariables Changed
3| Variable | Upstream | CTF | Reason | Control |
|---|---|---|---|---|
| attach_policy | false | true | This control checks whether the S3 bucket policy prevents principals from other AWS accounts from performing denied actions on resources in the S3 bucket. | s3_bucket_policy_restricts_cross_account_permission_changes |
| policy | - | {"Version":"2012-10-17","Statement":[{"Sid":"DenyCrossAcc... | Default differs from upstream | |
| versioning | {} | { "mfa_delete": "Enabled" } | Once MFA Delete is enabled on your sensitive and classified S3 bucket it requires the user to have two forms of authentication. | s3_bucket_mfa_delete_enabled |