standard
turbot/aws_compliance

Trigger: Detect & correct S3 buckets with MFA delete disabled

Detect S3 buckets with MFA delete disabled.

Query

select
concat(name, ' [', account_id, '/', region, ']') as title,
name as bucket_name,
region,
sp_connection_name as conn
from
aws_s3_bucket
where
not versioning_mfa_delete;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/S3