AWS-S3-Policies-With-Write-Access

Severity: Critical

Description: This control ensures that the S3 bucket policy does not allow write access to everyone (anonymous users). Allowing unrestricted write access increases opportunities for security risks. Write access also allows users to DELETE from the bucket, so granting write access through the bucket policy can allow any user to read, upload, modify or delete the contents of the bucket, resulting in data loss and unexpected charges for the S3 service.

Remediation Steps:

Perform the following to update the S3 bucket access policy:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the S3 console.

  3. In the navigation pane, select Buckets.

  4. Click on the bucket to be modified, then click Permissions.

  5. Navigate to Access control list (ACL) and select Edit.

  6. Under Access control list (ACL), uncheck the Write box for Everyone (public access) in the Objects column.

  7. Select Save changes.

Blue Hexagon Proprietary