it's not possible to create a custom bucket policy IaC level 0 in the console, got to select bucket or create one, allow CUR default policy apply, not possible to modify. The same in IaC level 2 like CloudFormation, and the same with CDK.
Observed Behavior
it's not possible to create a custom bucket policy IaC level 0 in the console, got to select bucket or create one, allow CUR default policy apply, not possible to modify. The same in IaC level 2 like CloudFormation, and the same with CDK.
you have to create the resource, then manualy edit the policy to respect enterprise security rules. Therefor the bucket pops up in automated security checks. Not possible to deploy programaticaly.
Test Cases
Cloudformation / CDK create a AWS::CUR::ReportDefinition with a bucket and custom bucket policy it hangs.
CREATE_FAILED | AWS::CUR::ReportDefinition | CostAndUsageReport...DefinitionF16342BC
Resource handler returned message: "null (Service: CostAndUsageReport, Status Code: 400, Request ID:
dab8ac39, Extended Request ID: null)" (, HandlerErrorCode: InvalidRequest
Name of the resource
Other
Resource Name
AWS::CUR::ReportDefinition
Issue Description
no possibility to create a custom bucket policy
Expected Behavior
it's not possible to create a custom bucket policy IaC level 0 in the console, got to select bucket or create one, allow CUR default policy apply, not possible to modify. The same in IaC level 2 like CloudFormation, and the same with CDK.
Observed Behavior
it's not possible to create a custom bucket policy IaC level 0 in the console, got to select bucket or create one, allow CUR default policy apply, not possible to modify. The same in IaC level 2 like CloudFormation, and the same with CDK. you have to create the resource, then manualy edit the policy to respect enterprise security rules. Therefor the bucket pops up in automated security checks. Not possible to deploy programaticaly.
Test Cases
Cloudformation / CDK create a AWS::CUR::ReportDefinition with a bucket and custom bucket policy it hangs. CREATE_FAILED | AWS::CUR::ReportDefinition | CostAndUsageReport...DefinitionF16342BC Resource handler returned message: "null (Service: CostAndUsageReport, Status Code: 400, Request ID: dab8ac39, Extended Request ID: null)" (, HandlerErrorCode: InvalidRequest
Other Details
No response