OSS Bucket Authorize Specified IP
ID: rule:aliyun:oss-bucket-authorize-specified-ip
Severity: medium
IaC Types: ROS, Terraform
Description
Ensures OSS bucket policy contains IP address conditions to restrict access.
Reason for Violation
The OSS bucket policy does not restrict access by IP address.
Recommendation
Add an IpAddress condition with 'acs:SourceIp' to the bucket policy.
Resource Types
- ROS:
ALIYUN::OSS::Bucket - Terraform:
alicloud_oss_bucket