Amazon_S3_8

Ensure S3 buckets should not allow all actions from all principals

Description

Misconfigured S3 buckets can leak private information to the entire internet or allow unauthorized data tampering / deletion.Granting public access to your S3 buckets can allow unauthorized users to list the objects available within the buckets and use this information to gain access to your data.

Remediation

Perform the following steps to modify the policy

  1. Sign in to the AWS Management Console.
  2. Navigate to S3 dashboard at https://console.aws.amazon.com/s3/.
  3. Select the S3 bucket that you want to examine and click the Permissions tab.
  4. Inside the Permissions click on Bucket policy tab.
  5. Now Edit bucket policy to access the bucket policy currently used.
  6. In the Bucket Policy Editor dialog box, verify the Effect and Principal policy elements. The Principal is the account or the user that has access to the actions and resources declared in the policy statement. If the Effect element value is set to “all actions” and the Principal element value is set to “*” (i.e. everyone) or {“AWS”: “*”}, the selected S3 bucket is publicly accessible unless there is a Condition element, and can be marked as insecure.
  7. Change the Principal value which is “*” to Principal element specifying the user, account, service, or other entity that should be allowed or denied access to a resource.
  8. Repeat steps no. 3 &ndash

Service

S3

Severity

High

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!