Updated on 2025-08-25 GMT+08:00

OBS Bucket Policy Check

Rule Details

Table 1 Rule details

Parameter

Description

Rule Name

obs-bucket-policy-configured

Identifier

OBS Bucket Policy Check

Description

If no bucket policy is configured for an OBS bucket, this bucket is non-compliant.

Tag

obs

Trigger Type

Configuration change

Filter Type

obs.buckets

Rule Parameters

None

Application Scenarios

A bucket policy applies to a bucket and the objects in the bucket. A bucket owner can use bucket policies to grant IAM users or other accounts the permissions to operate the bucket and its objects. For details, check bucket policies. You are advised to apply the principle of least privilege to ensure that a bucket policy only grants necessary permissions for certain tasks.

Solution

Modify the bucket policy with the visual editor or in the JSON view.

Rule Logic

  • If a bucket policy is configured for an OBS bucket, this bucket is compliant.
  • If no bucket policy is configured for an OBS bucket, this bucket is non-compliant.