Control: AWS > S3 > Bucket > CMDB
Record and synchronize details for the AWS S3 bucket into the CMDB.
The CMDB control is responsible for populating and updating all the attributes for that resource type in the Guardrails CMDB.
If set to Skip then all changes to the CMDB are paused - no new resources will be discovered, no updates will be made and deleted resources will not be removed.
To cleanup resources and stop tracking changes, set this policy to "Enforce: Disabled".
CMDB controls also use the Regions policy associated with the resource. If region is not in AWS > S3 > Bucket > Regions policy, the CMDB control will delete the resource from the CMDB. (Note: Setting CMDB to Skip will also pause these changes.)
Resource Types
This control targets the following resource types:
Policies
The following policies can be used to configure this control:
This control type relies on these other policies when running actions:
Permissions
Cloud permissions used by this control and its actions:
s3:GetBucketAccelerateConfigurations3:GetBucketAcls3:GetBucketCORSs3:GetBucketEncryptions3:GetBucketLifecycleConfigurations3:GetBucketLocations3:GetBucketLoggings3:GetBucketNotifications3:GetBucketNotificationConfigurations3:GetBucketPolicys3:GetBucketPolicyStatuss3:GetBucketPublicAccessBlocks3:GetBucketReplications3:GetBucketRequestPayments3:GetBucketTaggings3:GetBucketVersionings3:GetBucketWebsites3:GetObjectLockConfigurations3:GetPublicAccessBlocks3:HeadBuckets3:ListBucketIntelligentTieringConfigurations
Category
In Your Workspace
Developers
- tmod:@turbot/aws-s3#/control/types/bucketCmdb
- tmod:@turbot/turbot#/control/categories/cmdb
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-s3#/control/types/bucketCmdb"
Get Controls