standard
turbot/aws_compliance

Trigger: Detect & correct S3 buckets with default encryption disabled

Detect S3 buckets with default encryption disabled.

Query

select
concat(name, ' [', account_id, '/', region, ']') as title,
name as bucket_name,
region,
sp_connection_name as conn
from
aws_s3_bucket
where
server_side_encryption_configuration is null;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/S3