Control: AWS > S3 > Bucket > CMDB

Record and synchronize details for the AWS S3 bucket into the CMDB.

The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.

If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.

To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".

CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > S3 > Bucket > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)

Resource Types

This control targets the following resource types:

AWS > S3 > Bucket

Primary Policies

The following policies can be used to configure this control:

CMDB

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-s3#/control/types/bucketCmdb

Category URI

tmod:@turbot/turbot#/control/categories/cmdb

GraphQL

query controlType(id: "tmod:@turbot/aws-s3#/control/types/bucketCmdb") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-s3#/control/types/bucketCmdb'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-s3#/control/types/bucketCmdb"