Data protection

S3 Glacier vault with public access

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Amazon S3 Glacier is a secure, durable, and extremely low-cost Amazon S3 storage class for data archiving and long-term backup. We have detected that the S3 Glacier vault {AwsS3GlacierVault}'s access policy allows public access. Public access to a vault allows access to all AWS accounts and users. Use the vault's access policy in order to restrict who can access it.

  • Recommended Mitigation

    We recommended to set the vault's access policy to provide access to known parties only. For more information: <a href="https://docs.aws.amazon.com/amazonglacier/latest/dev/access-control-overview.html#access-control-manage-access-intro" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/amazonglacier/latest/dev/access-control-overview.html#access-control-manage-access-intro</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.