CloudKitect S3 Logging Bucket component that uses S3_MANAGED encryption, enforces ssl, denies public access is versioned.
Encryption: S3 Managed Versioned: True Removal Policy: Retain in Production
None
Note that the default alarm uses the CcAlarm construct, which sets up an alarm action to notify the SNS Topic AlarmEventsTopic by default.
Default Usage
new CcLoggingBucket(this, "LogicalId", {}); Copy
new CcLoggingBucket(this, "LogicalId", {});
Custom Configuration
new CcLoggingBucket(this, "LogicalId", { enforceSSL: false}); Copy
new CcLoggingBucket(this, "LogicalId", { enforceSSL: false});
It addresses the following compliance requirements
Risk Level: Medium Compliance: PCI, HIPAA, GDPR, APRA, MAS, NIST4 Well Architected Pillar: Security
Risk Level: Low Compliance: PCI, APRA, MAS, NIST4 Well Architected Pillar: Reliability
Risk Level: Very High Compliance: PCI, GDPR, ARPA, MAS, NIST4 Well Architected Pillar: Security
Risk Level: High Compliance: NA Well Architected Pillar: Reliability
Risk Level: High Compliance: PCI, APRA, MAS, NIST4 Well Architected Pillar: Security
Risk Level: High Compliance: PCI, HIPAA, GDPR, APRA, MAS, NIST4 Well Architected Pillar: Security
Risk Level: Very High Compliance: PCI, APRA, MAS, NIST4 Well Architected Pillar: Security
Static
Private
Get access logs bucket, it will try to get the one that is provisioned by Landing Zone, if it can not find it, then it will create a new logging bucket
Generated using TypeDoc
CloudKitect S3 Logging Bucket component that uses S3_MANAGED encryption, enforces ssl, denies public access is versioned.
Default Configuration
Encryption: S3 Managed Versioned: True Removal Policy: Retain in Production
Default Alarms
None
Note that the default alarm uses the CcAlarm construct, which sets up an alarm action to notify the SNS Topic AlarmEventsTopic by default.
Examples
Default Usage
Custom Configuration
Compliance
It addresses the following compliance requirements