S3 Bucket Allows Public WRITE Access

Data at risk

S3 Bucket Allows Public WRITE Access

Risk Level

Hazardous (3)

Platform(s)

Compliance Frameworks

AWS Foundational Security Best Practices Controls
Brazilian General Data Protection (LGPD)
CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO 27701
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

Ensure that your S3 buckets cannot be publicly accessed for WRITE actions in order to protect your S3 data from unauthorized users. An S3 bucket that allows public WRITE access can provide attackers the capability to add, delete and replace objects within the bucket, which can lead to S3 data loss or unintended charges

Recommended Mitigation

Change the {AwsS3Bucket} bucket policy to block public WRITE access

S3 Bucket Allows Public WRITE Access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS