
Rule: S3 Buckets should prohibit public write access

This rule ensures that S3 buckets do not allow public write access.

Rule: S3 buckets should prohibit public write access
Framework: FedRAMP Low Revision 4
Severity: High

Rule Description:

The rule states that S3 buckets should not allow public write access in accordance with the FedRAMP Low security standard, specifically Revision 4. This rule is essential to maintain the confidentiality, integrity, and availability of data stored in S3 buckets and to ensure compliance with the FedRAMP security requirements.

Troubleshooting Steps:

If the S3 bucket is found to have public write access enabled, follow these troubleshooting steps to remediate the issue:

  1. Identify the affected S3 bucket(s):

    • Review the list of S3 bucket names associated with the account.
    • Look for buckets with public write access permissions enabled.

  2. Determine the cause of the public write access permissions:

    • Check the bucket policy of the affected S3 bucket(s) for any statements that grant write permissions to everyone.
    • Review the Access Control List (ACL) of the bucket for grants that give write access to the AllUsers or AuthenticatedUsers groups.

  3. Evaluate the need for write access by the public:

    • Assess whether there is a legitimate requirement for allowing public write access. If not, proceed with remediation.

  4. Remove public write access:

    • Update the bucket policy and ACL to revoke public write access permissions.
    • Configure the bucket so that only authorized users or entities have write access.

  5. Test access permissions:

    • Attempt to write to the bucket with an anonymous (unauthenticated) request to validate that public write access has been restricted.

  6. Monitor and validate:

    • Regularly monitor the S3 bucket permissions to ensure ongoing compliance with the rule.
    • Periodically review the bucket policy and ACL to verify that public write access remains disabled.

Remediation Steps:

To ensure that S3 buckets adhere to the FedRAMP Low Revision 4 security standard and prohibit public write access, follow these step-by-step instructions:

  1. Open the AWS Management Console.
  2. Navigate to the Amazon S3 service.
  3. Identify the S3 bucket(s) that need to be remediated.
  4. Click on the bucket name to access the bucket settings.
  5. Review the bucket policy:
    • If a bucket policy exists, click on the "Permissions" tab.
    • Select the "Bucket Policy" section and review its contents.

  6a. Remove public write access from the bucket policy:

    • If public write access is found, edit the bucket policy to remove any statements allowing public write permissions.
    • Save the changes to update the bucket policy.

  6b. If no bucket policy exists, check the Access Control List (ACL):

    • Click on the "Permissions" tab.
    • Look for the "Access Control List" section and review its configuration.

  7. Remove public write access from the ACL:

    • If public write access is found, modify the ACL to disallow public write permissions.
    • Save the changes to update the ACL.

  8. Verify the remediation:

    • Attempt to write to the S3 bucket using anonymous access to confirm that public write access has been disabled.
    • Review the bucket policy and ACL again to ensure public write permissions are no longer present.

  9. Regularly monitor and validate:

    • Implement periodic reviews and monitoring to ensure ongoing compliance with the rule.
    • Regularly check the bucket policy and ACL to verify that public write access is not re-enabled.

By following these steps, you will effectively remediate and ensure compliance with the S3 bucket rule prohibiting public write access according to the FedRAMP Low Revision 4 security standard.
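The policy and ACL checks in steps 2, 6a, 6b and 7, and the policy clean-up in 6a, can be automated. The following is an added example (not Cloud Defense's own code); it assumes the bucket policy is the JSON document and the ACL is the dict shape that boto3's `get_bucket_policy` / `get_bucket_acl` return, and uses constructed sample inputs so it runs offline.

```python
import json
from fnmatch import fnmatch

# Constructed sample inputs (assumed to match the boto3 response shapes).
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "PublicUpload", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": ["s3:PutObject", "s3:DeleteObject"],
     "Resource": "arn:aws:s3:::example-bucket/*"}]})
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "WRITE"}]}

PUBLIC_GROUPS = {"http://acs.amazonaws.com/groups/global/AllUsers",
                 "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"}
WRITE_ACTIONS = ("s3:putobject", "s3:deleteobject", "s3:putobjectacl")

def _as_list(v):
    return v if isinstance(v, list) else [v]

def _is_public(principal):
    # "*" or {"AWS": "*"} means anyone, including anonymous callers.
    if isinstance(principal, dict):
        principal = principal.get("AWS", [])
    return "*" in _as_list(principal)

def _is_public_write(stmt):
    # Allow + public principal + a write action; patterns such as "s3:*" or
    # "s3:Put*" are matched as wildcards. Statements carrying a Condition are
    # excluded here and should be reviewed manually.
    actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
    return (stmt.get("Effect") == "Allow" and _is_public(stmt.get("Principal"))
            and not stmt.get("Condition")
            and any(fnmatch(w, a) for a in actions for w in WRITE_ACTIONS))

def public_write_sids(policy_json):
    """Return Sids of statements that let the public write to the bucket."""
    stmts = _as_list(json.loads(policy_json).get("Statement", []))
    return [s.get("Sid", "<no Sid>") for s in stmts if _is_public_write(s)]

def public_write_acl_grants(acl):
    """Return ACL grants giving WRITE or FULL_CONTROL to AllUsers/AuthenticatedUsers."""
    return [g for g in acl.get("Grants", [])
            if g["Grantee"].get("Type") == "Group"
            and g["Grantee"].get("URI") in PUBLIC_GROUPS
            and g.get("Permission") in ("WRITE", "FULL_CONTROL")]

def strip_public_write(policy_json):
    """Return the policy with public-write statements removed (step 6a)."""
    policy = json.loads(policy_json)
    policy["Statement"] = [s for s in _as_list(policy.get("Statement", []))
                           if not _is_public_write(s)]
    return json.dumps(policy)
```

Statements that use NotPrincipal or NotAction are not handled; treat any such statement as needing manual review.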
