s3-public-read-prohibited-template-compliant.yaml Status = PASS PASS rules s3_bucket_public_read_prohibited.guard/S3_BUCKET_PUBLIC_READ_PROHIBITED PASS --- `- File(s3-public-read-prohibited-template-compliant.yaml, Status=PASS)[Context=File(rules=1)] `- Rule(S3_BUCKET_PUBLIC_READ_PROHIBITED, Status=PASS)[Context=S3_BUCKET_PUBLIC_READ_PROHIBITED] |- Rule/When(Status=PASS)[Context=Rule#S3_BUCKET_PUBLIC_READ_PROHIBITED/When] | `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block %s3_bucket_public_read_prohibited not EMPTY ] | |- Filter/ConjunctionsBlock(Status=PASS)[Context=Filter/Map#1] | | `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block Type EQUALS "AWS::S3::Bucket"] | | `- GuardClauseValueCheck(Status=PASS)[Context= Type EQUALS "AWS::S3::Bucket"] | `- GuardClauseValueCheck(Status=PASS)[Context= %s3_bucket_public_read_prohibited not EMPTY ] |- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS ] | `- GuardClauseValueCheck(Status=PASS)[Context= %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration EXISTS ] |- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS true] | `- GuardClauseValueCheck(Status=PASS)[Context= %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicAcls EQUALS true] |- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS true] | `- GuardClauseValueCheck(Status=PASS)[Context= %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.BlockPublicPolicy EQUALS true] |- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS true] | `- GuardClauseValueCheck(Status=PASS)[Context= %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.IgnorePublicAcls EQUALS true] `- GuardClauseBlock(Status = PASS)[Context=GuardAccessClause#block %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS true] `- GuardClauseValueCheck(Status=PASS)[Context= %s3_bucket_public_read_prohibited[*].Properties.PublicAccessBlockConfiguration.RestrictPublicBuckets EQUALS true]