
Rule: S3 Public Access Block at Bucket Levels

Implement a rule to block S3 public access at bucket levels.

Rule: S3 public access should be blocked at bucket levels
Framework: GxP 21 CFR Part 11
Severity: High

Rule Description:

This rule is aimed at ensuring compliance with GxP regulations, specifically 21 CFR Part 11, which governs electronic records and signatures in the pharmaceutical industry. It specifies that public access to S3 buckets should be restricted to prevent any unauthorized access, modification, or deletion of sensitive GxP data stored in those buckets.

Troubleshooting Steps:

The following steps can be taken to troubleshoot and address any issues related to blocking public access to S3 buckets:

  1. Verify bucket access settings: Confirm that the bucket is configured to block public access at the bucket level.
  2. Check block public access settings: Review the settings to ensure that all public access settings are enabled.
  3. Audit IAM policies: Examine the IAM policies associated with the bucket to ensure they do not grant any public access permissions.
  4. Analyze bucket policies: Review any bucket policies in place to ensure that there are no permissions allowing public access.
  5. Examine ACL permissions: Check the Access Control List (ACL) for the bucket and verify that there are no permissions granting public access.
  6. Test bucket access: Attempt to access the bucket using a public URL to confirm that public access is indeed blocked.

Necessary Codes (If Applicable):

If necessary, the following code can be used to enable the block public access settings at the bucket level:

aws s3api put-public-access-block --bucket bucket-name --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"

Replace bucket-name with the actual name of the S3 bucket.
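As an added example (not Cloud Defense's code), the following Python evaluates a bucket's public access block configuration the way the troubleshooting steps describe: each of the four settings that the command above turns on must be true, and a bucket with no block configuration at all (the API answers NoSuchPublicAccessBlockConfiguration) counts as blocking nothing. The boto3 fetch assumes boto3 is installed and is not run by the sample; the sample configurations are constructed.

```python
"""Check S3 public-access-block settings against this rule (added example)."""

# The four settings the put-public-access-block command above turns on;
# every one must be true for the bucket to pass.
REQUIRED_SETTINGS = ("BlockPublicAcls", "IgnorePublicAcls",
                     "BlockPublicPolicy", "RestrictPublicBuckets")


def missing_settings(config):
    """Return the required settings that are absent or false.

    `config` is the PublicAccessBlockConfiguration mapping, or None when the
    bucket has no block configuration at all, which blocks nothing.
    """
    if config is None:
        return list(REQUIRED_SETTINGS)
    return [name for name in REQUIRED_SETTINGS if not config.get(name, False)]


def fetch_config(bucket, s3=None):
    """Fetch the live configuration with boto3 (assumed installed; not run here).

    A bucket with no block configuration makes the API raise
    NoSuchPublicAccessBlockConfiguration; return None so it shows as a finding.
    """
    import boto3
    from botocore.exceptions import ClientError

    s3 = s3 or boto3.client("s3")
    try:
        return s3.get_public_access_block(Bucket=bucket)["PublicAccessBlockConfiguration"]
    except ClientError as err:
        if err.response["Error"]["Code"] == "NoSuchPublicAccessBlockConfiguration":
            return None
        raise


# Constructed sample responses in the shape get-public-access-block returns.
SAMPLE_CONFIGS = {
    "gxp-records-compliant": dict.fromkeys(REQUIRED_SETTINGS, True),
    "gxp-records-partial": {"BlockPublicAcls": True, "IgnorePublicAcls": False,
                            "BlockPublicPolicy": True, "RestrictPublicBuckets": False},
    "gxp-records-unset": None,
}

if __name__ == "__main__":
    for bucket, config in SAMPLE_CONFIGS.items():
        missing = missing_settings(config)
        print(bucket, "PASS" if not missing else "FAIL, missing: " + ", ".join(missing))
```

Any non-empty list returned by missing_settings is a finding; the put-public-access-block command above remediates all four settings at once.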

Step-by-Step Guide for Remediation:

Follow these steps to remediate the issue and block public access to the S3 bucket:

  1. Open the AWS Management Console and navigate to the S3 service.
  2. Locate the bucket for which public access needs to be blocked.
  3. Select the bucket and click on the "Properties" tab.
  4. Under the "Public access" section, click on "Edit."
  5. Enable all the options for blocking public access, including "Block all public access" and "Block public and cross-account access if bucket has public policies."
  6. Click "Save changes" to apply the new settings.
  7. Verify the changes by attempting to access the bucket using a public URL. You should receive an access denied message.
  8. Repeat these steps for any other S3 buckets that require public access to be blocked.

It is also recommended to periodically review the bucket policies, IAM policies, and ACL permissions to ensure ongoing compliance with the rule.

Note: The provided instructions assume that you have the necessary permissions to access and modify S3 bucket settings.
