Data at risk

S3 Bucket Allows Authenticated WRITE Access

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Ensure that your S3 buckets cannot be accessed for write actions by AWS authenticated accounts or IAM users in order to protect your S3 data from unauthorized access. An S3 bucket that allows WRITE (upload/delete) access to any AWS authenticated users can provide them the capability to add, delete and replace objects within the bucket without restrictions

  • Recommended Mitigation

    Change the {AwsS3Bucket} bucket policy to block authenticated WRITE access

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.