AWS-S3-S3-Bucket-Public-Access-Block

Severity: Critical

Description: This control ensures that bucket level public access setting 'Block new public bucket policies' is set to true. The bucket level public access setting 'Block new public bucket policies' ensures that a bucket policy for a bucket cannot be updated to grant public access.

Remediation Steps:

Perform following to update S3 bucket public policy access :

1. Login to the AWS Management Console at https://console.aws.amazon.com.

2. Navigate to s3 console.

3. In the navigation pane,  select buckets.

4. Click on the bucket to be modified, click permissions.

5. Click Public access settings.

6. Click edit.

7. In Manage public bucket policies section, check the box for Block public access to buckets and objects granted through new public bucket or access point policies.

8. Choose Save.

9. When asked for confirmation, enter confirm. Then choose Confirm to save changes.

Important:

• AWS refers this option as "Block public access to buckets and objects granted through new public bucket or access point policies"

Reference:

• CIS Amazon Web Services Foundations Benchmark v1.3.0 - 08-07-2020: Recommendation #1.20

• Configuring block public access settings for your S3 buckets - Amazon Simple Storage Service