Closed meghannoelle closed 2 years ago
duplicate of https://github.com/aws/aws-cdk/issues/21868
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
Describe the bug
CDK provisioned S3 buckets cause the following finding in Security Hub:
S3.10 S3 buckets with versioning enabled should have lifecycle policies configured
(https://docs.aws.amazon.com/console/securityhub/S3.10/remediation)Expected Behavior
I expected CDK to provision S3 buckets with versioning enabled to have lifecycle policies configured by default.
Current Behavior
CDK-provisioned S3 buckets with versioning don't have lifecycle policies configured by default and are breaching Security Hub's AWS foundational security best practices.
Reproduction Steps
Deploy a versioned S3 bucket and note the above finding in Security Hub.
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.35.0 (build 5c23578)
Framework Version
No response
Node.js Version
v14.18.1
OS
MacOS
Language
Typescript
Language Version
No response
Other information
No response