Closed xnick123 closed 3 months ago
Thanks, @xnick123, for the feedback and the contribution. Based on your feedback, in PR #18 we implemented automated AWS CloudFormation Guard checks for the Security Pillar on Pull Requests. We did fix most checks and raised the security bar. However, we don't want to make a decision on customers' versioning or retention policies. Customers will have to make this decision, triggered by AWS Security Hub, on their own if they specified this rule.
Hi,
I will contribute a small change to enable versioning, to resolve AWS Security Hub finding: 07/08/2024 corrected from [S3.10] S3 general purpose buckets with versioning enabled should have Lifecycle configurations to [S3.14] [S3 general purpose buckets should have versioning enabled](https://docs.aws.amazon.com/securityhub/latest/userguide/s3-controls.html#s3-14)
If interested, I'll add some more, like logging for the same reason.
We have a POC in our company and are glad you shared this solution!
Best Regards, Nick