Data at risk

S3 Bucket Allows Public FULL_CONTROL Access


Ensure there aren't any publicly accessible S3 buckets available in your account in order to protect your S3 data from loss and unauthorized access. A publicly accessible S3 bucket allows FULL_CONTROL access to everyone to list, upload, and delete objects, view and edit object permissions
  • Recommended Mitigation

    Change the {AwsS3Bucket} bucket policy to block authenticated FULL_CONTROL access