Data at risk

S3 Bucket Allows Public DELETE

Risk Level

Hazardous (3)

Description

Orca has detected that your S3 bucket '{AwsS3Bucket}' can be publicly accessed for DELETE actions. An S3 bucket that grants DELETE access to everyone can allow anonymous users to delete the objects within the bucket, leading to loss of data.

Recommended Mitigation

To protect your S3 data from unauthorized users, prevent public DELETE actions on your S3 bucket '{AwsS3Bucket}'. You can do this by removing 's3:DeleteObject' and 's3:DeleteObjectVersion' from the bucket's policy or by setting the bucket's permissions to block public access. To edit the bucket's public access permissions, follow the instructions at: https://aws.amazon.com/s3/features/block-public-access/
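
To find which statements to remove, the following added example (not Orca's detection logic) audits a bucket policy document for Allow statements that grant 's3:DeleteObject' or 's3:DeleteObjectVersion' to a public principal, including through wildcards such as 's3:*'. It assumes only the bucket policy is evaluated (not ACLs or Block Public Access settings) and does not handle NotAction or NotPrincipal; the sample policy, bucket name and account ID are constructed.

```python
from fnmatch import fnmatchcase

DELETE_ACTIONS = ("s3:deleteobject", "s3:deleteobjectversion")

def _as_list(value):
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _is_public(principal):
    # "*" or {"AWS": "*"} matches any caller, including anonymous ones
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS"))
    return principal == "*"

def _grants_delete(actions):
    # Action names are case-insensitive and may use * and ? wildcards
    patterns = [a.lower() for a in _as_list(actions)]
    return any(fnmatchcase(d, p) for d in DELETE_ACTIONS for p in patterns)

def public_delete_statements(policy):
    """Return (Sid, has_condition) for every Allow statement that grants
    s3:DeleteObject or s3:DeleteObjectVersion to a public principal."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if (stmt.get("Effect") == "Allow"
                and _is_public(stmt.get("Principal"))
                and _grants_delete(stmt.get("Action"))):
            findings.append((stmt.get("Sid", f"statement[{i}]"), "Condition" in stmt))
    return findings

# Constructed sample policy: bucket name, account ID and Sids are made up
ARN = "arn:aws:s3:::example-bucket/*"
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": ARN},
    {"Sid": "PublicDelete", "Effect": "Allow", "Principal": "*",
     "Action": ["s3:GetObject", "s3:DeleteObject"], "Resource": ARN},
    {"Sid": "WildcardConditional", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "s3:*", "Resource": ARN,
     "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
    {"Sid": "AdminDelete", "Effect": "Allow", "Action": "s3:Delete*", "Resource": ARN,
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-admin"}},
]}

if __name__ == "__main__":
    for sid, conditional in public_delete_statements(SAMPLE_POLICY):
        note = " (has a Condition, review it)" if conditional else ""
        print(f"public DELETE granted by {sid}{note}")
```

A statement reported with a Condition may still be restricted in practice, so review the condition before deciding whether to remove the DELETE actions from it.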