You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
we use Control Tower for Customizations (https://github.com/aws-solutions/aws-control-tower-customizations) and the deployment currently fails in the buildstep of the cfct-pipeline, because of cfn_nag duo to it recognizing it as a fail and not a warning.
It does not let us implement a bucket policy with "*" principal, even when additionally secured by using conditions.
FAIL F16 - S3 Bucket policy should not allow * principal
Thanks in advance
Heiko
EDIT: Will test the linter exclusion-workaround for the resource listed in your readme
EDIT2: Workaround works.
The text was updated successfully, but these errors were encountered:
HeikoMR
changed the title
FAIL F16 - S3 Bucket policy should not allow * principal
Issue: FAIL F16 - S3 Bucket policy should not allow * principal
Mar 7, 2024
Hello,
we use Control Tower for Customizations (https://github.com/aws-solutions/aws-control-tower-customizations) and the deployment currently fails in the buildstep of the cfct-pipeline, because of cfn_nag duo to it recognizing it as a fail and not a warning.
It does not let us implement a bucket policy with "*" principal, even when additionally secured by using conditions.
Example:
FAIL F16 - S3 Bucket policy should not allow * principal
Thanks in advance
Heiko
EDIT: Will test the linter exclusion-workaround for the resource listed in your readme
EDIT2: Workaround works.
The text was updated successfully, but these errors were encountered: