AWS-S3-S3-Bucket-Website-Enabled

Severity: High

Description: This control ensures that S3 buckets are not configured for static website hosting with public objects. Using a CloudFront distribution with an origin access identity is the recommended solution for providing access to public objects. It is recommended to disable S3 bucket static website hosting.

Remediation Steps:

Perform the following to disable static website hosting on the S3 bucket:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the S3 console.

  3. In the Buckets list, choose the name of the bucket that has static website hosting enabled.

  4. Choose Properties.

  5. Under Static website hosting, choose Edit.

  6. Under Static website hosting, choose Disable.

  7. Select Save Changes.

  8. If static website hosting is configured with a custom domain name, delete the domain and the Route 53 configuration for the domain.
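Steps 3 to 7 can also be carried out with the AWS CLI. The script below is an added example, not part of the original control text: it wraps `aws s3api get-bucket-website` and `aws s3api delete-bucket-website`, and the function names and exit codes are assumptions made for illustration. It assumes AWS CLI credentials that are allowed to read and delete the bucket's website configuration.

```bash
#!/bin/sh
# Added example: check and disable S3 static website hosting from the CLI.
# Function names and exit codes are illustrative, not defined by the control.

# Print "enabled", "disabled" or "error" for the bucket named in $1.
# get-bucket-website fails with NoSuchWebsiteConfiguration when hosting is off.
# Any other failure (AccessDenied, NoSuchBucket, ...) is reported as "error"
# so that an unreadable bucket is never mistaken for a compliant one.
website_status() {
  if err="$(aws s3api get-bucket-website --bucket "$1" 2>&1 >/dev/null)"; then
    echo enabled
  elif printf '%s' "$err" | grep -q 'NoSuchWebsiteConfiguration'; then
    echo disabled
  else
    echo error
  fi
}

# Remove the website configuration from the bucket named in $1 and verify it.
# Returns 0 when hosting is off afterwards, 1 when it is still on,
# 2 when the bucket could not be read or changed.
disable_website() {
  case "$(website_status "$1")" in
    disabled)
      echo "$1: static website hosting already disabled"
      return 0 ;;
    error)
      echo "$1: could not read website configuration" >&2
      return 2 ;;
  esac
  aws s3api delete-bucket-website --bucket "$1" || return 2
  [ "$(website_status "$1")" = disabled ] || return 1
  echo "$1: static website hosting disabled"
}

# Process every bucket name given on the command line (none: do nothing).
for b in "$@"; do
  disable_website "$b"
done
```

The script does not touch DNS; the custom domain and Route 53 cleanup in step 8 remains a separate action.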

Important:

Reference:

 

Blue Hexagon Proprietary