AWS ORG policy to enforce CMK key


I would like to create an SCP policy on all the accounts in my AWS org that enforces the use of a customer managed key for the encryption of new buckets.

I found that this should have worked:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DenyS3BucketCreationWithoutKMSEncryption",
      "Effect": "Deny",
      "Action": [
        "s3:CreateBucket"
      ],
      "Resource": "*",
      "Condition": {
        "StringNotLike": {
          "s3:x-amz-server-side-encryption": [
            "AES256"
          ]
        }
      }
    }
  ]
}

I also tried many other variations of it and they are all not working. Can anyone advise?
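
An added example (not part of the original question, and not AWS code): a small model of how IAM evaluates the policy's `StringNotLike` condition, including the documented rule that a negated operator is true when the key is missing from the request. The request contexts are constructed, and the script assumes that `s3:CreateBucket` requests do not populate `s3:x-amz-server-side-encryption`, which is a condition key for object uploads such as `s3:PutObject`.

```python
import fnmatch

# The SCP statement from the question, unchanged.
STATEMENT = {
    "Effect": "Deny",
    "Action": ["s3:CreateBucket"],
    "Resource": "*",
    "Condition": {"StringNotLike": {"s3:x-amz-server-side-encryption": ["AES256"]}},
}

# Constructed request context for CreateBucket (assumption: no SSE key present).
CREATE_BUCKET_CTX = {"s3:locationconstraint": "eu-west-1"}


def string_like(ctx, key, patterns):
    """StringLike (* and ? wildcards): false when the key is absent."""
    value = ctx.get(key)
    return value is not None and any(fnmatch.fnmatchcase(value, p) for p in patterns)


def string_not_like(ctx, key, patterns):
    """StringNotLike is a negated operator: an absent key evaluates to true."""
    return not string_like(ctx, key, patterns)


OPERATORS = {"StringLike": string_like, "StringNotLike": string_not_like}


def condition_holds(statement, ctx):
    """True when every operator/key pair in the Condition block is satisfied."""
    return all(
        OPERATORS[op](ctx, key, patterns)
        for op, tests in statement.get("Condition", {}).items()
        for key, patterns in tests.items()
    )


def deny_applies(statement, action, ctx):
    """True when the Deny statement matches the action (exact match) and its conditions."""
    return action in statement["Action"] and condition_holds(statement, ctx)


if __name__ == "__main__":
    print("CreateBucket denied:", deny_applies(STATEMENT, "s3:CreateBucket", CREATE_BUCKET_CTX))
    for value in ("AES256", "aws:kms"):
        ctx = {"s3:x-amz-server-side-encryption": value}
        print(f"condition with header {value}:", condition_holds(STATEMENT, ctx))
```

With the key absent, the Deny matches every `s3:CreateBucket` call. The value `AES256` also names SSE-S3 rather than SSE-KMS (`aws:kms`).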
