EventBridge custom event buses should have a resource-based policy attached

Description

This control verifies whether a resource-based policy is attached to an Amazon EventBridge custom event bus. The control fails if the event bus lacks a resource-based policy.

By default, an EventBridge custom event bus without a resource-based policy permits access by principals within the account. By adding a resource-based policy, you can restrict access to the event bus to specific accounts and intentionally grant access to external entities as needed.
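The check described above can be reproduced offline against data shaped like the EventBridge `ListEventBuses` response. This is an added example, not code from the original page or from AWS; the sample buses and account IDs are constructed, the function names are hypothetical, and skipping the bus named `default` is an assumption about what counts as a custom bus.

```python
import json

# Constructed sample shaped like a ListEventBuses response: each entry has
# Name and Arn, and carries Policy (a JSON string) only when one is attached.
SAMPLE_RESPONSE = {
    "EventBuses": [
        {"Name": "default", "Arn": "arn:aws:events:us-east-1:111111111111:event-bus/default"},
        {"Name": "orders", "Arn": "arn:aws:events:us-east-1:111111111111:event-bus/orders"},
        {
            "Name": "audit",
            "Arn": "arn:aws:events:us-east-1:111111111111:event-bus/audit",
            "Policy": json.dumps({
                "Version": "2012-10-17",
                "Statement": [{
                    "Effect": "Allow",
                    "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
                    "Action": "events:PutEvents",
                    "Resource": "arn:aws:events:us-east-1:111111111111:event-bus/audit",
                }],
            }),
        },
    ]
}


def allowed_principals(policy_json):
    """Return the sorted principals named in Allow statements of a bus policy."""
    found = set()
    statements = json.loads(policy_json).get("Statement", [])
    # A policy may carry a single statement as a bare object instead of a list.
    statements = statements if isinstance(statements, list) else [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        values = [principal] if isinstance(principal, str) else principal.values()
        for value in values:
            found.update([value] if isinstance(value, str) else value)
    return sorted(found)


def evaluate_buses(response):
    """Map each custom bus name to (status, principals); the default bus is skipped."""
    results = {}
    for bus in response.get("EventBuses", []):
        if bus["Name"] == "default":  # assumption: only custom buses are in scope
            continue
        policy = bus.get("Policy")
        results[bus["Name"]] = ("PASS", allowed_principals(policy)) if policy else ("FAIL", [])
    return results
```

The principal list returned for a passing bus is what a reviewer would compare against the accounts that are meant to have access.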

Remediation

For steps to attach a resource-based policy to an EventBridge custom event bus, refer to Using Resource-Based Policies for Amazon EventBridge in the Amazon EventBridge User Guide.