- GG_ID: GG_IAC_0056
- Severity: HIGH
- Complexity: LOW
- Categories: DATA
- Providers: AWS
- Potential data exposure: True
- Visible in logs: True
- User interaction required: False
- Privileges required: False
AWS S3 Block Public Access is a feature that allows setting up centralized controls to manage public access to S3 resources.
Enforcing the RestrictPublicBuckets rule on a bucket allows to make sure only AWS service principals and authorized users within the bucket owner's account will be able to access the bucket.
- Data leakage.
- Data tampering.
Associate a S3 BlockPublicAccess with RestrictPublicBuckets enabled to the bucket.