From ef4d2d33bec44b1df2ede9f6d067597527617698 Mon Sep 17 00:00:00 2001 From: Nimrod Kor Date: Thu, 4 Jun 2020 23:08:58 +0300 Subject: [PATCH] Fix extra734 - handle us-east-1 (cherry picked from commit 5f2eb7f82e3814478b380ae5fbb6c8a69536e043) --- checks/check_extra734 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/checks/check_extra734 b/checks/check_extra734 index b456eeea..3ffcf826 100644 --- a/checks/check_extra734 +++ b/checks/check_extra734 @@ -27,6 +27,12 @@ extra734(){ # OR # - Have bucket policy denying s3:PutObject when s3:x-amz-server-side-encryption is absent + if [[ $BUCKET_LOCATION == "None" ]]; then + BUCKET_LOCATION="us-east-1" + fi + if [[ $BUCKET_LOCATION == "EU" ]]; then + BUCKET_LOCATION="eu-west-1" + fi # query to get if has encryption enabled or not RESULT=$($AWSCLI s3api get-bucket-encryption $PROFILE_OPT --region $BUCKET_LOCATION --bucket $bucket --query ServerSideEncryptionConfiguration.Rules[].ApplyServerSideEncryptionByDefault[].SSEAlgorithm --output text 2>&1) if [[ $(echo "$RESULT" | grep AccessDenied) ]]; then