Skip to main content

OSS Bucket Authorize Specified IP

ID: rule:aliyun:oss-bucket-authorize-specified-ip
Severity: medium
IaC Types: ROS, Terraform

Description

Ensures OSS bucket policy contains IP address conditions to restrict access.

Reason for Violation

The OSS bucket policy does not restrict access by IP address.

Recommendation

Add an IpAddress condition with 'acs:SourceIp' to the bucket policy.

Resource Types

  • ROS: ALIYUN::OSS::Bucket
  • Terraform: alicloud_oss_bucket