AWS Config Rule: S3 Bucket Default Lock Enabled

Description: Checks whether Amazon S3 bucket has lock enabled, by default. The rule is NON_COMPLIANT if the lock is not enabled.

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Osaka), Europe (Spain) Region

Important! - You cannot enable Object Lock on an S3 bucket once it has been created. You need to go through AWS Customer Support to enable this on a bucket that already exists

To resolve this manually, you will need to head to the "Advanced Settings" section of the page where you first create an S3 Bucket. You will need to click "Enable" and then also ensure you understand that this will also enable Versioning. 

There is also a manual acknowledgement to approve before you can create your S3 Bucket

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here