Data protection

S3 bucket policy allows any action from all principles


Bucket Policy governs the access permissions on AWS S3 resources. This policy checks whether the S3 bucket is configured with bucket policy with ""Effect"":""Allow"", ""Principal"":""*"" and with any combination of allowed actions. This enables the bucket to be accessed by anyone, and if proper conditions are not added it could be exposed to the Internet. It was detected that the S3 bucket {AwsS3Bucket} allows any action from all principles. It is a best practice to grant limited access to specific authenticated users.