Ensure OSS Bucket Ip Restriction Enabled

OSS Bucket should have ip restricted access. This topic provides a sample policy that you can use to authorize your Resource Access Management (RAM) users. This policy allows RAM users to access Alibaba Cloud resources by using a specific IP address or Classless Inter-Domain Routing (CIDR) block.

Risk Level: high
Platform: Alicloud
Spectral Rule ID: TFALCLD053

REMEDIATION

set policy to ip restricted access

"Condition": {
    "IpAdress": {
+ "acs:SourceIp": "10.0.0.0"
    }
}

Read more: