tencentcloud.cos

COS - Cloud Object Storage (COS) is a powerful Tencent Cloud distributed storage service that features low costs and high scalability

https://www.tencentcloud.com/document/product/436/6222?lang=en&pg=

Filters

• bucket-encryption

• bucket-lifecycle

• bucket-logging

• event

• has-statement

• list-item

• marked-for-op

• reduce

• value

bucket-encryption

Filters for cos buckets that have bucket-encryption

example:

policies:
    - name: cos-enable-default-bucket-encryption-reporting-pull
      resource: tencentcloud.cos
      filters:
        - type: bucket-encryption
          state: False

properties:
  crypto:
    enum:
    - AES256
    type: string
  state:
    type: boolean
  type:
    enum:
    - bucket-encryption
required:
- type

bucket-lifecycle

Filter based on bucket lifecycle configuration

example:

policies:
    - name: no-mpu-cleanup-rule
      resource: tencentcloud.cos
      filters:
        - type: bucket-lifecycle
          key:Lifecycle.Rules[?Status==`Enabled`].AbortIncompleteMultipartUpload.DaysAfterInitiation
          value: 30,
          value_type: swap,
          op: equal

properties:
  key:
    type: string
  op:
    type: string
  type:
    enum:
    - bucket-lifecycle
  value:
    type: string
  value_type:
    type: string
required:
- type

bucket-logging

Filter based on bucket logging configuration

example:

policies:
- name: bucket-logging
  resource: tencentcloud.cos
  filters:
    - type: bucket-logging
      op: enabled

properties:
  op:
    enum:
    - enabled
    - disabled
    - equal
    - not-equal
    - eq
    - ne
  target_bucket:
    type: string
  target_prefix:
    type: string
  type:
    enum:
    - bucket-logging
required:
- op
- type

has-statement

Filter bucket statement

example:

policies:
    - name: bucket statement
      resource: tencentcloud.cos
      filters:
        - type: has-statement
          statements:
            - Effect: Deny
              Action: name/cos:GetObject

properties:
  statements:
    items:
      properties:
        Action:
          anyOf:
          - type: string
          - type: array
        Effect:
          enum:
          - Allow
          - Deny
          type: string
        Principal:
          anyOf:
          - type: string
          - type: object
          - type: array
        Resource:
          anyOf:
          - type: string
          - type: array
        Sid:
          type: string
      required:
      - Effect
      type: object
    type: array
  type:
    enum:
    - has-statement
required:
- type

Actions

• mark-for-op

• remove-tag

• rename-tag

• tag

• webhook