Data at risk

S3 Bucket Allows Public PUT

Risk Level

Hazardous (3)

Platform(s)

Description

Orca has detected that your S3 bucket '{AwsS3Bucket}' can be publicly accessed for PUT actions. An S3 bucket that allows public PUT (write) access lets attackers add and replace objects within the bucket, which can lead to S3 data loss or unintended changes.
Recommended Mitigation

To protect your S3 data from unauthorized users, it is recommended to prevent public PUT actions on your S3 bucket '{AwsS3Bucket}'. This can be done by removing 's3:PutObject' and 's3:PutObjectAcl' from the bucket's policy or by setting the bucket's permissions to block public access. To edit the bucket's public access permissions, follow the instructions at: https://aws.amazon.com/s3/features/block-public-access/
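To find which statements to remove, the following added example (not Orca's detection logic) scans a bucket policy document for Allow statements that grant 's3:PutObject' or 's3:PutObjectAcl' to a public principal, including wildcard actions such as 's3:Put*'. The sample policy, bucket name, account ID and Sids are constructed; the check assumes statements use Action and Principal (not NotAction or NotPrincipal) and does not inspect object or bucket ACLs.

```python
from fnmatch import fnmatchcase

# The two write actions named in the mitigation text.
WRITE_ACTIONS = ("s3:PutObject", "s3:PutObjectAcl")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_public(principal):
    # "*" and {"AWS": "*"} (alone or in a list) both mean "anyone".
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False

def public_put_statements(policy):
    """Return (sid, matched_actions, has_condition) for every Allow statement
    that grants a write action to a public principal."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or not _is_public(stmt.get("Principal")):
            continue
        # IAM action names are case-insensitive and may use * and ? wildcards.
        patterns = [a.lower() for a in _as_list(stmt.get("Action", []))]
        matched = [w for w in WRITE_ACTIONS
                   if any(fnmatchcase(w.lower(), p) for p in patterns)]
        if matched:
            # A Condition may narrow the grant; report it for manual review.
            findings.append((stmt.get("Sid", f"#{i}"), matched, "Condition" in stmt))
    return findings

# Constructed sample policy (bucket name, account ID and Sids are placeholders).
RES = "arn:aws:s3:::example-bucket/*"
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": RES},
    {"Sid": "PublicUpload", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:PutObject", "s3:PutObjectAcl"], "Resource": RES},
    {"Sid": "WildcardPut", "Effect": "Allow", "Principal": "*",
     "Action": "s3:Put*", "Resource": RES,
     "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
    {"Sid": "RoleUpload", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/uploader"},
     "Action": "s3:PutObject", "Resource": RES},
]}

if __name__ == "__main__":
    for sid, actions, conditional in public_put_statements(SAMPLE_POLICY):
        print(sid, actions, "conditional" if conditional else "unconditional")
```

Statements reported with a Condition are not necessarily public in practice and need a manual look at the condition keys before removal.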