Data at risk

S3 Bucket Allows Public WRITE Access

Risk Level

Hazardous (3)



Ensure that your S3 buckets cannot be publicly accessed for WRITE actions, so that your S3 data is protected from unauthorized users. An S3 bucket that allows public WRITE access lets attackers add, delete and replace objects within the bucket, which can lead to S3 data loss or unintended charges.
  • Recommended Mitigation

    Change the {AwsS3Bucket} bucket policy to block public WRITE access.
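
One way to check a bucket policy for this condition, shown as an added example that is not part of the original rule: it flags `Allow` statements that grant object write actions to everyone, and runs a weak policy beside a corrected one. The function names, bucket name, role ARN and both policies are constructed for illustration, and only the bucket policy document is inspected.

```python
import fnmatch
import json

# Object-level write actions this check looks for (constructed subset, not exhaustive).
WRITE_ACTIONS = ["s3:PutObject", "s3:DeleteObject", "s3:PutObjectAcl"]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_public(principal):
    # "*" or {"AWS": "*"} matches any caller, including anonymous ones.
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"

def _grants_write(actions):
    # Action names are case-insensitive and may contain * and ? wildcards.
    return any(fnmatch.fnmatchcase(w.lower(), a.lower())
               for a in _as_list(actions) for w in WRITE_ACTIONS)

def public_write_findings(policy_json):
    """Return (sid, has_condition) for each Allow statement that gives everyone write access."""
    findings = []
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            continue  # Deny and NotAction statements are outside this sketch
        if _is_public(stmt.get("Principal")) and _grants_write(stmt["Action"]):
            findings.append((stmt.get("Sid", f"statement-{i}"), "Condition" in stmt))
    return findings

ARN = "arn:aws:s3:::example-bucket/*"  # constructed bucket name
# Constructed policy with the weak setting: anyone may upload or delete objects.
WEAK_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": ARN},
    {"Sid": "PublicUpload", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:Put*", "s3:DeleteObject"], "Resource": ARN},
]})
# Corrected form: the write statement names one role (constructed ARN) instead of "*".
FIXED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "UploaderOnly", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/uploader"},
     "Action": ["s3:PutObject", "s3:DeleteObject"], "Resource": ARN},
]})

if __name__ == "__main__":
    print(public_write_findings(WEAK_POLICY))
    print(public_write_findings(FIXED_POLICY))
```

A finding whose second field is `True` carries a `Condition` block, so it needs manual review to decide whether the condition actually narrows who can write.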