aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.61k stars 3.9k forks

(aws-cdk): (CDK provisioned S3 buckets with versioning don't have lifecycle policies configured) #21872

Closed meghannoelle closed 2 years ago

meghannoelle commented 2 years ago

Describe the bug

CDK provisioned S3 buckets cause the following finding in Security Hub: S3.10 S3 buckets with versioning enabled should have lifecycle policies configured (https://docs.aws.amazon.com/console/securityhub/S3.10/remediation)

Expected Behavior

I expected CDK to provision S3 buckets with versioning enabled to have lifecycle policies configured by default.

Current Behavior

CDK-provisioned S3 buckets with versioning don't have lifecycle policies configured by default and are breaching Security Hub's AWS foundational security best practices.

Reproduction Steps

Deploy a versioned S3 bucket and note the above finding in Security Hub.

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.35.0 (build 5c23578)

Framework Version

No response

Node.js Version

v14.18.1

OS

MacOS

Language

Typescript

Language Version

No response

Other information

No response
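An added example, not part of the original issue and not aws-cdk code: a pre-deployment check that scans a synthesized CloudFormation template (such as the JSON files `cdk synth` writes to `cdk.out`) for versioned buckets that would raise the finding described above. The function names and the sample template are constructed for illustration, and counting only rules with `Status: Enabled` is an assumption of this example rather than Security Hub's documented evaluation logic.

```typescript
// Added example: list versioned S3 buckets in a CloudFormation template that
// have no enabled lifecycle rule (the condition the S3.10 finding describes).
type Resource = { Type: string; Properties?: Record<string, any> };
type Template = { Resources?: Record<string, Resource> };

// Assumption of this example: a rule only counts when its Status is "Enabled".
function hasEnabledLifecycleRule(props: Record<string, any>): boolean {
  const rules = props.LifecycleConfiguration?.Rules;
  return Array.isArray(rules) && rules.some((r) => r?.Status === "Enabled");
}

// Returns the sorted logical IDs of buckets that need a lifecycle rule.
function findVersionedBucketsWithoutLifecycle(template: Template): string[] {
  const findings: string[] = [];
  for (const [logicalId, res] of Object.entries(template.Resources ?? {})) {
    if (res.Type !== "AWS::S3::Bucket") continue;
    const props = res.Properties ?? {};
    // A suspended or absent VersioningConfiguration is out of scope here.
    const versioned = props.VersioningConfiguration?.Status === "Enabled";
    if (versioned && !hasEnabledLifecycleRule(props)) findings.push(logicalId);
  }
  return findings.sort();
}

// Constructed sample template: logical IDs and rule values are made up.
const versioning = { VersioningConfiguration: { Status: "Enabled" } };
const sampleTemplate: Template = {
  Resources: {
    VersionedNoLifecycle: { Type: "AWS::S3::Bucket", Properties: { ...versioning } },
    VersionedWithLifecycle: {
      Type: "AWS::S3::Bucket",
      Properties: {
        ...versioning,
        LifecycleConfiguration: {
          Rules: [{ Status: "Enabled", NoncurrentVersionExpiration: { NoncurrentDays: 90 } }],
        },
      },
    },
    VersionedDisabledRule: {
      Type: "AWS::S3::Bucket",
      Properties: {
        ...versioning,
        LifecycleConfiguration: { Rules: [{ Status: "Disabled", ExpirationInDays: 30 }] },
      },
    },
    Unversioned: { Type: "AWS::S3::Bucket" },
    Queue: { Type: "AWS::SQS::Queue" },
  },
};

console.log(findVersionedBucketsWithoutLifecycle(sampleTemplate));
```

Run against every template in `cdk.out` as a CI step, failing the build when the returned list is not empty.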

peterwoodworth commented 2 years ago

Duplicate of https://github.com/aws/aws-cdk/issues/21868

github-actions[bot] commented 2 years ago

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue, feel free to do so.