
Not restricting public access on an S3 bucket can lead to data leakage

  • GG_ID: GG_IAC_0056
  • Severity: HIGH
  • Complexity: LOW
  • Categories: DATA
  • Providers: AWS
  • Potential data exposure: True
  • Visible in logs: True
  • User interaction required: False
  • Privileges required: False

Description

AWS S3 Block Public Access is a feature that allows setting up centralized controls to manage public access to S3 resources.

Enforcing the RestrictPublicBuckets rule on a bucket ensures that only AWS service principals and authorized users within the bucket owner's account are able to access the bucket, even if the bucket carries a public bucket policy.

Impact

  • Data leakage.
  • Data tampering.

Remediation guidelines

Associate an S3 BlockPublicAccess configuration with RestrictPublicBuckets enabled to the bucket.
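As an added illustration (not part of this page's original content), the following Terraform shows a non-compliant `aws_s3_bucket_public_access_block` that leaves `restrict_public_buckets` disabled, beside the corrected form that enables it together with the other three Block Public Access settings. The bucket name and resource labels are constructed for the example and assume the Terraform AWS provider.

```hcl
# Constructed example bucket; the name is a placeholder.
resource "aws_s3_bucket" "data" {
  bucket = "example-org-sensitive-data"
}

# NON-COMPLIANT: restrict_public_buckets is false, so a bucket policy that
# grants public access would still be honored. This is what the rule flags.
resource "aws_s3_bucket_public_access_block" "data_weak" {
  bucket = aws_s3_bucket.data.id

  block_public_acls       = true
  ignore_public_acls      = true
  block_public_policy     = true
  restrict_public_buckets = false
}

# COMPLIANT: with restrict_public_buckets enabled, access through a public
# bucket policy is limited to AWS service principals and authorized users
# in the bucket owner's account. Enable all four settings unless a specific,
# reviewed public-access use case requires otherwise.
resource "aws_s3_bucket_public_access_block" "data_hardened" {
  bucket = aws_s3_bucket.data.id

  block_public_acls       = true
  ignore_public_acls      = true
  block_public_policy     = true
  restrict_public_buckets = true
}
```

Only one `aws_s3_bucket_public_access_block` should be attached to a given bucket; the two resources above are shown side by side for comparison, and the `data_weak` one is the version to remove.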

External documentation