Table: aws_s3_accounts

This table shows data for S3 Accounts.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_PublicAccessBlockConfiguration.html

The primary key for this table is account_id.

Columns

| Name | Type |
| --- | --- |
| _cq_id | uuid |
| _cq_parent_id | uuid |
| account_id (PK) | utf8 |
| block_public_acls | bool |
| block_public_policy | bool |
| ignore_public_acls | bool |
| restrict_public_buckets | bool |
| config_exists | bool |

Example Queries

These SQL queries are sampled from CloudQuery policies and are compatible with PostgreSQL.

S3 Block Public Access setting should be enabled

SELECT
  'S3 Block Public Access setting should be enabled' AS title,
  aws_iam_accounts.account_id,
  aws_iam_accounts.account_id AS resource_id,
  CASE
  WHEN config_exists IS NOT true
  OR block_public_acls IS NOT true
  OR block_public_policy IS NOT true
  OR ignore_public_acls IS NOT true
  OR restrict_public_buckets IS NOT true
  THEN 'fail'
  ELSE 'pass'
  END
    AS status
FROM
  aws_iam_accounts
  LEFT JOIN aws_s3_accounts ON
      aws_iam_accounts.account_id = aws_s3_accounts.account_id;
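
The policy query above returns only pass or fail. The following added example (not one of the CloudQuery policy queries) lists which of the four settings are not enabled for each account, and shows why the policy compares with `IS NOT true`: an account with no matching `aws_s3_accounts` row gets NULL in every column after the LEFT JOIN, and a comparison written as `= false` would let that account through. The account IDs are constructed sample values, and the two CTEs shadow the real tables so the statement runs on any PostgreSQL instance without synced data.

```sql
-- Constructed sample rows. Remove the WITH clause to run the SELECT
-- against the synced aws_iam_accounts and aws_s3_accounts tables.
WITH aws_iam_accounts (account_id) AS (
  VALUES ('111111111111'), ('222222222222'), ('333333333333')
),
aws_s3_accounts (account_id, block_public_acls, block_public_policy,
                 ignore_public_acls, restrict_public_buckets, config_exists) AS (
  VALUES
    ('111111111111', true, true,  true, true,  true),  -- all four settings enabled
    ('222222222222', true, false, true, false, true)   -- two settings disabled
    -- 333333333333 has no row here: the LEFT JOIN yields NULL in every column
)
SELECT
  i.account_id,
  CASE
    WHEN s.account_id IS NULL THEN 'no aws_s3_accounts row'
    WHEN s.config_exists IS NOT true THEN 'no account-level configuration'
    ELSE 'configuration present'
  END AS config_state,
  -- Collect the names of settings that are false or NULL; drop the NULL placeholders.
  array_remove(ARRAY[
    CASE WHEN s.block_public_acls IS NOT true THEN 'block_public_acls' END,
    CASE WHEN s.block_public_policy IS NOT true THEN 'block_public_policy' END,
    CASE WHEN s.ignore_public_acls IS NOT true THEN 'ignore_public_acls' END,
    CASE WHEN s.restrict_public_buckets IS NOT true THEN 'restrict_public_buckets' END
  ], NULL) AS settings_not_enabled,
  -- Contrast only: "= false" evaluates to NULL when the column is NULL, so the
  -- WHEN branch is not taken and the account with no row falls through to ELSE.
  CASE
    WHEN s.block_public_acls = false
      OR s.block_public_policy = false
      OR s.ignore_public_acls = false
      OR s.restrict_public_buckets = false
    THEN 'fail'
    ELSE 'pass'
  END AS equals_false_status
FROM aws_iam_accounts AS i
LEFT JOIN aws_s3_accounts AS s ON i.account_id = s.account_id
ORDER BY i.account_id;
```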