File tree Expand file tree Collapse file tree 1 file changed +4
-5
lines changed
aws_sra_examples/solutions/guardduty/guardduty_org/templates Expand file tree Collapse file tree 1 file changed +4
-5
lines changed Original file line number Diff line number Diff line change @@ -166,8 +166,8 @@ Resources:
166166 Condition :
167167 StringLike :
168168 aws:PrincipalServiceName : guardduty.*.amazonaws.com
169- # StringEquals:
170- # s3:x-amz-acl: bucket-owner-full-control
169+ StringEquals :
170+ s3:x-amz-acl : bucket-owner-full-control
171171
172172 - Sid : DenyUnencryptedObjectUploads
173173 Effect : Deny
@@ -184,14 +184,13 @@ Resources:
184184 - Sid : DenyUnencryptedObjectUploadsOptinRegions
185185 Effect : Deny
186186 Action : s3:PutObject
187- Condition :
188- StringNotEquals :
189- s3:x-amz-server-side-encryption : aws:kms
190187 Resource : !Sub arn:aws:s3:::${rGuardDutyDeliveryS3Bucket}/*
191188 Principal : ' *'
192189 Condition :
193190 StringLike :
194191 aws:PrincipalServiceName : guardduty.*.amazonaws.com
192+ StringNotEquals :
193+ s3:x-amz-server-side-encryption : aws:kms
195194
196195 - Sid : DenyIncorrectEncryptionHeader
197196 Effect : Deny
You can’t perform that action at this time.
0 commit comments