Risk Level: Critical
Cloud Entity: Simple Storage Service (S3)
CloudGuard Rule ID: D9.CFT.IAM.09
Covered by Spectral: Yes
AWS_S3_Bucket should not have AccessControl='PublicRead'
AccessControl property to one of Private, AuthenticatedRead, LogDeliveryWrite, BucketOwnerRead, BucketOwnerFullControl, or AwsExecRead
Or remove the
AccessControl from the AWS::S3::Bucket resource.
Companies today need the ability to simply and securely collect, store, and analyze their data at a massive scale. Amazon S3 is object storage built to store and retrieve any amount of data from anywhere ï¿½ï¿½ï¿½ web sites and mobile apps, corporate applications, and data from IoT sensors or devices. It is designed to deliver 99.999999999% durability, and stores data for millions of applications used by market leaders in every indu
- AWS CloudFormation ruleset
Updated 3 months ago