Pipes
Guardrails
Open Source
Blog
About

Overview Docs Hub Blog Pricing

Loading...

On this page

Prerequisites
Step 1: Open the Controls by State report
Step 2: Filter on bucket versioning controls
Step 3: Create test s3 buckets
Step 4: View newly created buckets
Step 5: Review
Next Steps
Progress tracker

Review Account-wide governance

In this guide you’ll see how a single Policy Pack can govern all resources across an account.

This is the fifth guide in the Getting started with AWS series.

Prerequisites

Completion of the previous guides in this series.
Access to the Guardrails console with administrative privlidges.

Step 1: Open the Controls by State report

Navigate back to the Controls by State report (or use your saved bookmark), expand the Type dropdown, and search for bucket versioning. Enable the checkbox next to AWS > S3 > Bucket > Versioning to set the filter.

Step 2: Filter on bucket versioning controls

Your first test bucket is in the OK (green) state: it complies with the policy. Other buckets in the account with versioning disabled will show in the Alarm state (red): not compliant.

Step 3: Create test s3 buckets

Return to the AWS console and (as you did in the Observe Resource Activity guide) create 3 new buckets without versioning enabled. For the example, we will create the following new buckets:

bucket-example-02
bucket-example-03
bucket-example-04

Keep your names similar and consistent so you can easily filter and see all your test buckets together.

Step 4: View newly created buckets

As you create the new buckets, Guardrails detects them and evaluates their configuration relative to your policies. By changing our search string we can see all buckets at the same time.

The new buckets are in the Alarm state because bucket versioning is not enabled. The current policy requires all buckets to have versioing enabled.