EventBridge custom event buses should have a resource-based policy attached

amazon-event-bridge
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This control verifies whether a resource-based policy is attached to an Amazon EventBridge custom event bus. The control fails if the event bus lacks a resource-based policy.

Without a resource-based policy by default, an EventBridge custom event bus permits access by principals within the account. By adding a resource-based policy, you can restrict access to the event bus to specific accounts and intentionally grant access to external entities as needed.

Remediation

For steps to attach a resource-based policy to an EventBridge custom event bus, refer to Using Resource-Based Policies for Amazon EventBridge in the Amazon EventBridge User Guide.