Cloud Custodian
Why does Cloud Custodian create S3 policy results in all region folders when S3 is a global resource? #10207
Unanswered
ashish-181
asked this question in
AWS
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi team,
I am running a Cloud Custodian policy to check for S3 buckets that do not start with a certain prefix. My understanding is that S3 is a global AWS resource, so I expected the results to appear in a single, global output folder when I run the policy with --region all.
However, when I check the output after running the policy, I see that the results for the S3 policy are created under every regional folder (e.g., ap-east-1/s3-buckets-must-start-with-..., us-east-1/s3-buckets-must-start-with-..., etc.). The actual findings appear to be the same across regions.
Is there a reason why the S3 policy output is duplicated across all regions, rather than being stored in a single, global folder? Is there a recommended way to configure Cloud Custodian so global resources like S3 only generate one result set, or is this the expected behavior?
Thanks in advance for your help!
Beta Was this translation helpful? Give feedback.
All reactions