Not restricting public access on a S3 bucket can lead to data leakage

Severity	Exploitability	Providers	Categories
HIGH	HIGH	AWS	DATA

Description

AWS S3 Block Public Access is a feature that allows setting up centralized controls to manage public access to S3 resources.

Enforcing the RestrictPublicBuckets rule on a bucket allows to make sure only AWS service principals and authorized users within the bucket owner's account will be able to access the bucket.

Impact

Potential data exposure	Visible in logs	User interaction required	Privileges required
True	True	False	False

Data leakage.
Data tampering.

Remediation guidelines

Associate a S3 BlockPublicAccess with RestrictPublicBuckets enabled to the bucket.

References

AWS Block Public Access
AWS Block Public Access Terraform documentation

Not restricting public access on a S3 bucket can lead to data leakage

Description

Impact

Remediation guidelines

References

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Not restricting public access on a S3 bucket can lead to data leakage

Description​

Impact​

Remediation guidelines​

References​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Description

Impact

Remediation guidelines

References