AWS Config Rule: S3 Bucket ACL Prohibited

S3_BUCKET_ACL_PROHIBITED

Eduardo Van Cauteren

Last Update 9 months ago

Description: Checks if Amazon Simple Storage Service (Amazon S3) Buckets allow user permissions through access control lists (ACLs). The rule is NON_COMPLIANT if ACLs are configured for user access in Amazon S3 Buckets.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), China (Ningxia) Region


How to Resolve Manually

This Config rule evaluates whether an S3 bucket is configured to grant user permissions through ACLs. If a bucket is found with user permissions configured via ACLs, the rule marks it as non-compliant.
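To see which grants on a bucket would cause this finding, the following added example (not StackZone's or AWS's own code) audits the JSON printed by `aws s3api get-bucket-acl --bucket <bucket-name>`. It assumes that any ACL grant to a grantee other than the bucket owner counts as non-compliant, which approximates the rule as described here, and it marks grants to the AllUsers group, which the S3 console shows as Everyone (public access). The sample ACL and the owner ID placeholder are constructed.

```python
"""Added example: offline audit of `aws s3api get-bucket-acl` output."""
import json

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"

# Constructed sample in the shape returned by get-bucket-acl.
# Console "List" (objects) maps to READ, "Read" (bucket ACL) to READ_ACP.
SAMPLE_ACL = json.loads("""
{
  "Owner": {"ID": "OWNER-CANONICAL-ID-PLACEHOLDER"},
  "Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "OWNER-CANONICAL-ID-PLACEHOLDER"},
     "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ_ACP"}
  ]
}
""")


def non_owner_grants(acl):
    """Return (grantee, permission, is_public) for each grant not held by the owner."""
    owner_id = acl.get("Owner", {}).get("ID")
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if (owner_id and grantee.get("Type") == "CanonicalUser"
                and grantee.get("ID") == owner_id):
            continue  # the owner's own grant is the default private ACL
        name = grantee.get("URI") or grantee.get("ID") or "unknown"
        findings.append((name, grant.get("Permission"), grantee.get("URI") == ALL_USERS))
    return findings


def evaluate(acl):
    """Assumed approximation of the rule: any non-owner grant is NON_COMPLIANT."""
    return "NON_COMPLIANT" if non_owner_grants(acl) else "COMPLIANT"


if __name__ == "__main__":
    for name, permission, is_public in non_owner_grants(SAMPLE_ACL):
        print(("PUBLIC" if is_public else "non-owner"), name, permission)
    print(evaluate(SAMPLE_ACL))
```

Running `aws s3api put-bucket-acl --bucket <bucket-name> --acl private` resets the ACL to the owner-only grant, after which the same audit should report no findings.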


To resolve this, go to the Amazon S3 service, find the desired bucket and click its name to edit it. Once there, open the Permissions tab, find the Access control list (ACL) card and click the Edit button to edit permissions. At this point you should disable the List and Read permissions for the Everyone (public access) group. See the following picture for reference:


