S3 Glacier vault with public access - Complete Cloud Security in Minutes - Orca Security

Data protection

S3 Glacier vault with public access

Risk Level

Hazardous (3)

Platform(s)

Compliance Frameworks

Orca Best Practices

Description

Amazon S3 Glacier is a secure, durable, and extremely low-cost Amazon S3 storage class for data archiving and long-term backup. We have detected that the S3 Glacier vault {AwsS3GlacierVault}'s access policy allows public access. Public access to a vault allows access to all AWS accounts and users. Use the vault's access policy in order to restrict who can access it.

Recommended Mitigation

We recommended to set the vault's access policy to provide access to known parties only. For more information: https://docs.aws.amazon.com/amazonglacier/latest/dev/access-control-overview.html#access-control-manage-access-intro

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.