Ensure S3 Buckets Prohibit Public Read Access in AWS
This automation checks whether your S3 buckets allow public read access by evaluating the Block Public Access settings, the bucket policy, and the bucket access control list (ACL). Unless you explicitly require everyone on the internet to be able to write to your S3 bucket, you should ensure that your S3 bucket is not publicly writable. The check does not cover read access to the bucket by internal principals, such as IAM roles. You should ensure that access to the bucket is restricted to authorized principals only. Results are sent via email.
Breakdown
  1. Ensure S3 Buckets Prohibit Public Read Access.
  2. Send results via Email. This result step can be changed from Email to Slack, Microsoft Teams or Discord.