Suspicious activity

S3 Bucket with Policy:S3/BucketBlockPublicAccessDisabled GuardDuty Alert Found

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

GuardDuty finding was triggered for s3 bucket. It was found that the 'BucketBlockPublicAccessDisabled' feature was disabled for {AwsS3Bucket} bucket. This feature prevents the bucket from being publicly accessible. By disabling it, one protection level is removed and the access is limited only by the access controls and policies applied to the bucket.
  • Recommended Mitigation

    It is recommended to restrict the access to the bucket by blocking public access and review additional alerts on the asset.