AWS-S3-S3-Bucket-Policy-CloudFront-OAI
- naveen
Owned by naveen
Dec 06, 2021
1 min read
Loading data...
Severity : High
Description : Access to CloudFront origins should only happen via ClouFront URL and not from S3 URL or any source in order to restrict access to private data.
Remediation Steps : Review the access policy for S3 bucket which is an origin to a CloudFront distribution. Make sure the S3 bucket is origin to only one distribution. Modify the S3 bucket access policy to allow CloudFront OAI for only the associated CloudFront distribution and restrict access from any other source.
Blue Hexagon Proprietary