Checks/Aws/Test-GlacierVaultsPolicyPublicAccess.ps1
|
function Test-GlacierVaultsPolicyPublicAccess { <# .SYNOPSIS S3 Glacier vault has no policy or its policy does not allow access to everyone .DESCRIPTION **Glacier vault** access policy is evaluated for exposure to **public principals**. The finding highlights `Allow` statements that grant access to `Principal: '*'` (including wildcard forms), and notes when a vault lacks a policy. .PARAMETER Check CIEMCheck object containing check metadata. #> [CmdletBinding()] [OutputType([PSCustomObject[]])] param( [Parameter(Mandatory)] [CIEMCheck]$Check ) $ErrorActionPreference = 'Stop' # TODO: Implement check logic based on Prowler check: glacier_vaults_policy_public_access [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check glacier_vaults_policy_public_access for reference.', 'N/A', 'glacier Resources') } |