Ensure no publicly accessible S3 buckets exist


Amazon S3 is object storage built to store and retrieve any amount of data from anywhere – web sites and mobile apps


Perform the following to remove any public access that has been granted to the bucket via an ACL or S3 bucket policy:

  1. Go to Amazon S3 console at
  2. Right-click on the bucket and click Properties
  3. In the Properties pane, click the Permissions tab.
  4. The tab shows a list of grants, one row per grant, in the bucket ACL. Each row
  5. identifies the grantee and the permissions granted.
  6. Select the row that grants permission to Everyone or Any Authenticated User
  7. Uncheck all the permissions granted to Everyone or Any Authenticated
  8. User (click x to delete the row).
  9. Click Save to save the ACL.
  10. If the Edit bucket policy button is present, click it.
  11. Remove any Statement having an Effect set to Allow and a Principal set to * .

Default Value:
By default, S3 buckets are not publicly accessible







We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!