Question 1

Is block_public_acls enforced for SOC 2?

Accepted Answer

Yes, Manage access to resources in the AWS Cloud by only allowing authorized users, processes, and devices access to AWS Simple Storage Service (AWS S3) buckets.

Question 2

Is block_public_policy enforced for SOC 2?

Accepted Answer

Yes, This control checks that the access granted by the S3 bucket is restricted by any of the principals, federated users, service principals, IP addresses, or VPCs that you provide. The rule is compliant if a bucket policy is not present.

Question 3

Is ignore_public_acls enforced for SOC 2?

Accepted Answer

Yes, Manage access to resources in the AWS Cloud by only allowing authorized users, processes, and devices access to AWS Simple Storage Service (AWS S3) buckets.

Question 4

Is lifecycle_rule enforced for SOC 2?

Accepted Answer

Yes, This control checks if AWS Simple Storage Service (AWS S3) version enabled buckets have lifecycle policy configured. This rule fails if AWS S3 lifecycle policy is not enabled.

Question 5

Is logging enforced for SOC 2?

Accepted Answer

Yes, AWS Simple Storage Service (AWS S3) server access logging provides a method to monitor the network for potential cybersecurity events.

Question 6

Is object_lock_enabled enforced for SOC 2?

Accepted Answer

Yes, Ensure that your AWS Simple Storage Service (AWS S3) bucket has lock enabled, by default.

Question 7

Is replication_configuration enforced for SOC 2?

Accepted Answer

Yes, AWS Simple Storage Service (AWS S3) Cross-Region Replication (CRR) supports maintaining adequate capacity and availability.

Question 8

Is restrict_public_buckets enforced for SOC 2?

Accepted Answer

Yes, This control checks that the access granted by the S3 bucket is restricted by any of the principals, federated users, service principals, IP addresses, or VPCs that you provide. The rule is compliant if a bucket policy is not present.

Question 9

Is server_side_encryption_configuration enforced for SOC 2?

Accepted Answer

Yes, To help protect data at rest, ensure encryption is enabled for your AWS Simple Storage Service (AWS S3) buckets.

Question 10

Is versioning enforced for SOC 2?

Accepted Answer

Yes, AWS Simple Storage Service (AWS S3) bucket versioning helps keep multiple variants of an object in the same AWS S3 bucket.

AWS S3 bucket Terraform module

Terraform Module Source