S3 bucket should not allow list actions from all principals
A bucket policy that grants s3:List* actions to every principal lets anyone on the internet enumerate the objects in the bucket; combined with other over-broad grants it can leak private data to the entire internet or allow unauthorized data tampering or deletion.
Risk Level: Critical
Cloud Entity: Simple Storage Service (S3)
CloudGuard Rule ID: D9.CFT.IAM.05
Covered by Spectral: Yes
Category: Storage
GSL LOGIC
AWS_S3_BucketPolicy should not have PolicyDocument.Statement contain [ Effect='Allow' and Principal='*' and (Action contain [$ regexMatch /^s3:List/] or Action regexMatch /^s3:List/) ]
REMEDIATION
From CFT
Modify the PolicyDocument property of the AWS::S3::BucketPolicy resource and remove statements that allow s3:List actions for principal '*'. If the listing is actually required, modify the statement instead so that it grants the access only to specific principals.
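The check in the GSL logic above and the remediation it asks for, shown as an added example that is not part of the original page or of the CloudGuard rule itself. The script walks a CloudFormation template (JSON form), finds every AWS::S3::BucketPolicy resource and flags statements that allow an s3:List action to all principals. It goes slightly beyond the rule's regex: it also treats Principal {"AWS": "*"} as anonymous (IAM evaluates it the same as "*") and treats the wildcards "*" and "s3:*" as granting list actions, since ^s3:List alone would not match them. The template, bucket name, account ID and role name embedded below are constructed for the example.

```python
import json
import re

# Matches any s3:List* action (s3:ListBucket, s3:ListBucketVersions, ...),
# mirroring the rule's /^s3:List/ regex. IAM action names are case-insensitive.
LIST_ACTION = re.compile(r"^s3:List", re.IGNORECASE)


def _as_list(value):
    """Policy fields such as Action and Statement may be a scalar or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_anonymous_principal(principal):
    """True for Principal "*" (what the rule checks) and for {"AWS": "*"},
    which IAM treats identically (assumption: an extension of the rule)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any(v == "*" for v in _as_list(principal.get("AWS")))
    return False


def grants_list(action):
    """True if the action string permits some s3:List* operation."""
    if action == "*" or action.lower() == "s3:*":
        # Catch-all wildcards also grant listing; the rule's regex misses them.
        return True
    return bool(LIST_ACTION.match(action))


def statement_is_public_list(stmt):
    """The rule's condition: Allow + anonymous principal + an s3:List action."""
    return (
        stmt.get("Effect") == "Allow"
        and is_anonymous_principal(stmt.get("Principal"))
        and any(grants_list(a) for a in _as_list(stmt.get("Action")))
    )


def find_public_list_policies(template):
    """Return (logical resource id, statement index) for every offending statement."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::S3::BucketPolicy":
            continue
        doc = res.get("Properties", {}).get("PolicyDocument", {})
        for idx, stmt in enumerate(_as_list(doc.get("Statement"))):
            if statement_is_public_list(stmt):
                findings.append((name, idx))
    return findings


def load_template(path):
    """Load a CloudFormation template written in JSON."""
    with open(path) as fh:
        return json.load(fh)


# Constructed template: the first policy is the misconfiguration the rule flags,
# the second is the remediated form that limits listing to one IAM role.
TEMPLATE = {
    "Resources": {
        "PublicBucketPolicy": {
            "Type": "AWS::S3::BucketPolicy",
            "Properties": {
                "Bucket": {"Ref": "DataBucket"},
                "PolicyDocument": {
                    "Version": "2012-10-17",
                    "Statement": [{
                        "Effect": "Allow",
                        "Principal": "*",
                        "Action": ["s3:ListBucket", "s3:GetObject"],
                        "Resource": ["arn:aws:s3:::example-data-bucket",
                                     "arn:aws:s3:::example-data-bucket/*"],
                    }],
                },
            },
        },
        "ScopedBucketPolicy": {
            "Type": "AWS::S3::BucketPolicy",
            "Properties": {
                "Bucket": {"Ref": "DataBucket"},
                "PolicyDocument": {
                    "Version": "2012-10-17",
                    "Statement": [{
                        "Effect": "Allow",
                        "Principal": {"AWS": "arn:aws:iam::123456789012:role/ReportReader"},
                        "Action": "s3:ListBucket",
                        "Resource": "arn:aws:s3:::example-data-bucket",
                    }],
                },
            },
        },
    }
}

if __name__ == "__main__":
    for resource, index in find_public_list_policies(TEMPLATE):
        print(f"{resource}: statement {index} allows s3:List to all principals")
```

Run against a real template with `find_public_list_policies(load_template("template.json"))`. A statement with a Condition block (for example one restricted to a VPC endpoint) is still reported, as it is by the rule; review such hits by hand rather than suppressing them. Statements that use NotAction or NotPrincipal are not evaluated here.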
References
Simple Storage Service (S3)
Companies today need the ability to simply and securely collect, store, and analyze their data at a massive scale. Amazon S3 is object storage built to store and retrieve any amount of data from anywhere: web sites and mobile apps, corporate applications, and data from IoT sensors or devices. It is designed to deliver 99.999999999% durability, and stores data for millions of applications used by market leaders in every industry.
Compliance Frameworks
- AWS CloudFormation ruleset
Updated over 1 year ago