Mods
AWS

Policy: AWS > Config > Configuration Recording > Delivery Channel > S3 Bucket

The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files. AWS Config must write to S3, thus this policy is required. The S3 bucket must already exist (the stack will not create it) and the CloudTrail service must be allowed write access. The bucket can reside in any region of any account.

Resource Types

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Controls

Policy Specification

Schema Type
string
Default template
{{ $.bucketName }}
Default template input
- |
{
region {
turbot {
id
}
}
}
- |
{
bucketName: policy(uri: "aws#/policy/types/loggingBucketDefault", resourceId: "{{ $.region.turbot.id }}")
}

Category

In Your Workspace

Developers