Ensure OSS Bucket Ip Restriction Enabled
OSS Bucket should have ip restricted access. This topic provides a sample policy that you can use to authorize your Resource Access Management (RAM) users. This policy allows RAM users to access Alibaba Cloud resources by using a specific IP address or Classless Inter-Domain Routing (CIDR) block.
Risk Level: high
Platform: Alicloud
Spectral Rule ID: TFALCLD053
REMEDIATION
set policy to ip restricted access
"Condition": {
"IpAdress": {
+ "acs:SourceIp": "10.0.0.0"
}
}
Read more:
Updated over 1 year ago