Page Comparison

Severity : High

Description: This control ensures that S3 buckets should not be configured with static website hosting with public objects.

...

Using the CloudFront distribution

...

with

...

origin access identity is recommended solution to provide access to public objects. It's recommended to disable S3 bucket static website hosting.

Remediation Steps

...

:

Perform following to update IAM policy for IAM user :

1. Login to the AWS Management Console at https://console.aws.amazon.com.

2. Navigate to S3 console.

3. In the Buckets list, choose the name of the bucket that enable static website hosting for.

4. Choose Properties.

5. Under Static website hosting, choose Edit.

6. Under Static website hosting, choose Disable.

7. Select Save Changes.

8. If the static Website hosting is configured using the custom domain name, delete the domain and Route53 configuration for the domain.

Important:

Reference:

• https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-https-requests-s3/

• https://docs.aws.amazon.com/AmazonS3/latest/userguide/EnableWebsiteHosting.html

• https://docs.aws.amazon.com/AmazonS3/latest/userguide/website-hosting-custom-domain-walkthrough.html