Rule: S3 Public Access Blocked at Bucket Levels

This rule ensures that S3 public access is blocked specifically at bucket levels.

Rule: S3 public access should be blocked at bucket levels
Framework: NIST 800-53 Revision 5
Severity: High

Rule Description

The rule is to ensure that public access to Amazon S3 buckets is blocked at the bucket level, adhering to the security requirements outlined in NIST 800-53 Revision 5. This policy helps to prevent unauthorized access and potential data breaches by restricting public access to S3 buckets.

Troubleshooting Steps

If you encounter any issues while implementing this rule, follow these troubleshooting steps:

  1. Review your bucket policies and access control lists (ACLs) to ensure they are configured correctly.
  2. Verify that the bucket is not publicly accessible and that no settings granting public access are enabled.
  3. Check whether any bucket policy or ACL explicitly grants access to the "Everyone" (AllUsers) or "Authenticated users" (any AWS account) group.
  4. Make sure that no existing bucket policy or ACL conflicts with the desired configuration.

Necessary Codes

No specific code is required for this rule. Configuration changes can be made through the AWS Management Console, AWS CLI, or AWS SDKs.

Step-by-Step Guide for Remediation

To remediate this issue, follow these step-by-step instructions:

Via AWS Management Console:

  1. Open the Amazon S3 Management Console.
  2. Navigate to the S3 bucket you want to modify.
  3. Select the "Permissions" tab.
  4. Under the "Block public access" section, ensure that all settings are enabled to block public access. These settings include:
     • Block all public access
     • Block public access to buckets and objects granted through new access control lists (ACLs)
     • Block public access to buckets and objects granted through any access control list (ACL)
     • Block public access to buckets and objects granted through new public bucket policies
     • Block public and cross-account access to buckets and objects through any public bucket policies

Via AWS CLI:

  1. Open a terminal or command prompt.
  2. Use the following command to enable public access blocking for the specified S3 bucket (the operation lives under the low-level "s3api" command group, not "aws s3"):

     aws s3api put-public-access-block --bucket <bucket-name> --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"

     Replace <bucket-name> with the name of your S3 bucket. To confirm the change, run "aws s3api get-public-access-block --bucket <bucket-name>" and check that all four flags are reported as true.
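The following is an added example (not Cloud Defense's code and not part of the original page) that implements the check behind the troubleshooting steps and the remediation above in Python. It evaluates dictionaries shaped like the responses of the S3 API calls get-public-access-block, get-bucket-acl and get-bucket-policy, so it runs offline on constructed input; the bucket name, owner ID and policy content are assumed sample values. A bucket is compliant only when all four PublicAccessBlock flags (the same four set by the CLI command) are true; public ACL grants and unconditional "Principal: *" policy statements are reported separately as warnings, since the block settings neutralise them but troubleshooting step 3 still asks that they be cleaned up.

```python
"""Evaluate an S3 bucket's public-access posture against the rule above.

Added example, not Cloud Defense's code. Input dictionaries mirror the shapes
returned by get-public-access-block, get-bucket-acl and get-bucket-policy
(the policy is passed already parsed; the API returns it as a JSON string).
"""
import json

# Pre-defined S3 group URIs that stand for "Everyone" and "any AWS account".
PUBLIC_GROUP_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}

# The four flags that put-public-access-block sets; all must be true.
REQUIRED_FLAGS = (
    "BlockPublicAcls",
    "IgnorePublicAcls",
    "BlockPublicPolicy",
    "RestrictPublicBuckets",
)


def public_access_block_enabled(config: dict) -> bool:
    """True only when every flag is explicitly true; a missing flag counts as false."""
    return all(config.get(flag) is True for flag in REQUIRED_FLAGS)


def acl_public_grants(acl: dict) -> list:
    """Permissions the ACL grants to AllUsers or AuthenticatedUsers."""
    grants = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUP_URIS:
            grants.append(grant.get("Permission", "UNKNOWN"))
    return grants


def _principal_is_public(principal) -> bool:
    """Principal "*" or {"AWS": "*"} (in string or list form) means anyone."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        aws = [aws] if isinstance(aws, str) else aws
        return "*" in aws
    return False


def policy_public_statements(policy: dict) -> list:
    """Sids of Allow statements open to any principal with no Condition block."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a policy may carry a single statement object
        statements = [statements]
    sids = []
    for index, statement in enumerate(statements):
        if (
            statement.get("Effect") == "Allow"
            and _principal_is_public(statement.get("Principal"))
            and not statement.get("Condition")
        ):
            sids.append(statement.get("Sid", f"statement-{index}"))
    return sids


def evaluate_bucket(config: dict, acl: dict, policy) -> dict:
    """Compliance verdict for the rule plus warnings about public ACL/policy entries."""
    policy = policy or {}
    missing = [flag for flag in REQUIRED_FLAGS if config.get(flag) is not True]
    findings = []
    if missing:
        findings.append("PublicAccessBlock flags not enabled: " + ", ".join(missing))
    warnings = [f"ACL grants {perm} to a public group" for perm in acl_public_grants(acl)]
    warnings += [
        f"bucket policy statement '{sid}' allows any principal without a condition"
        for sid in policy_public_statements(policy)
    ]
    return {"compliant": not findings, "findings": findings, "warnings": warnings}


# Constructed sample responses for a bucket that is NOT compliant: one flag is off,
# the ACL grants READ to Everyone, and the policy allows anonymous GetObject.
SAMPLE_CONFIG = {
    "BlockPublicAcls": True,
    "IgnorePublicAcls": False,
    "BlockPublicPolicy": True,
    "RestrictPublicBuckets": True,
}
SAMPLE_ACL = {
    "Owner": {"ID": "EXAMPLE_OWNER_ID"},  # placeholder canonical user ID
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE_OWNER_ID"}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "READ"},
    ],
}
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
}
COMPLIANT_CONFIG = dict.fromkeys(REQUIRED_FLAGS, True)

if __name__ == "__main__":
    print(json.dumps(evaluate_bucket(SAMPLE_CONFIG, SAMPLE_ACL, SAMPLE_POLICY), indent=2))
    print(json.dumps(evaluate_bucket(COMPLIANT_CONFIG, {"Grants": []}, None), indent=2))
```

In practice the three input dictionaries come from the CLI (aws s3api get-public-access-block, get-bucket-acl, get-bucket-policy) or from an SDK; note that get-public-access-block raises an error when no configuration exists at all, which should be treated as all four flags false.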

Conclusion

By following the provided steps, you can ensure that public access to your S3 buckets is blocked at the bucket level, aligning with the security requirements specified in NIST 800-53 Revision 5. This helps to safeguard your data and prevents unauthorized access.
