EventBridge custom event buses should have a resource-based policy attached

Docs > Plateforme de sécurité Datadog > OOTB Rules > EventBridge custom event buses should have a resource-based policy attached

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

This control verifies whether a resource-based policy is attached to an Amazon EventBridge custom event bus. The control fails if the event bus lacks a resource-based policy.

Without a resource-based policy by default, an EventBridge custom event bus permits access by principals within the account. By adding a resource-based policy, you can restrict access to the event bus to specific accounts and intentionally grant access to external entities as needed.

Remediation

For steps to attach a resource-based policy to an EventBridge custom event bus, refer to Using Resource-Based Policies for Amazon EventBridge in the Amazon EventBridge User Guide.