Ensure that your S3 buckets do not allow anonymous users to modify their access control permissions to protect your S3 data from unauthorized access. An S3 bucket that allows public WRITE_ACP (edit permissions) access can give any malicious user on the Internet the capability to read and write ACL permissions - overly permissive actions that can lead to data loss or unintended charges