Data at risk

S3 Bucket Allows Public GET

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Orca has detected that your s3 bucket '{AwsS3Bucket}' can be publicly accessed for GET actions. An S3 bucket that grants GET (read) access to everyone can allow anonymous users to read the objects within the bucket.
  • Recommended Mitigation

    In order to protect your S3 data from unauthorized users, it is recommended to prevent public GET action on your s3 bucket '{AwsS3Bucket}'. It can be done by removing 's3:GetObject' from the bucket's policy or by setting the bucket's permissions to block public access. To edit the bucket's public access permissions, follow the instructions at: https://aws.amazon.com/s3/features/block-public-access/