No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Question about AwsGuard policy. With s3BucketLoggingEnabled mandatory all buckets are verified to have access logs.
This creates problem with the log buckets themselves, that don't have access log buckets of their own, but rather rely on retention policy (glacier, etc...) or otherwise that would be infinite chain of buckets.
 To me it seems that this policy needs to support filtering those buckets out, either by dependency or by tag/name predicate.

That's a great point. Do you mind opening an issue at <https://github.com/pulumi/pulumi-policy-aws> for this?

<https://github.com/pulumi/pulumi-policy-aws/issues/59>