This rule ensures that S3 public access is blocked at the bucket level.
Rule | S3 public access should be blocked at bucket levels |
Framework | NIST 800-53 Revision 5 |
Severity | ✔ High |
Rule Description
The rule is to ensure that public access to Amazon S3 buckets is blocked at the bucket level, adhering to the security requirements outlined in NIST 800-53 Revision 5. This policy helps to prevent unauthorized access and potential data breaches by restricting public access to S3 buckets.
Troubleshooting Steps
If you encounter any issues while implementing this rule, follow these troubleshooting steps:
Necessary Codes
No specific code is required for this rule. Configuration changes can be made through the AWS Management Console, AWS CLI, or AWS SDKs.
Step-by-Step Guide for Remediation
To remediate this issue, follow these step-by-step instructions:
Via AWS Management Console:
Via AWS CLI:
aws s3api put-public-access-block --bucket <bucket-name> --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"
Replace <bucket-name> with the name of your S3 bucket.
Conclusion
By following the provided steps, you can ensure that public access to your S3 buckets is blocked at the bucket level, aligning with the security requirements specified in NIST 800-53 Revision 5. This helps to safeguard your data and prevents unauthorized access.
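To confirm that the CLI remediation took effect, the sketch below reads the output of `aws s3api get-public-access-block` and reports which of the four settings are still off for each bucket. It is an added example, not part of the original rule text; the function names and the bucket names and responses in `SAMPLE` are constructed for illustration.

```python
import json
import subprocess

# The four settings from the put-public-access-block command on this page.
REQUIRED = ("BlockPublicAcls", "IgnorePublicAcls",
            "BlockPublicPolicy", "RestrictPublicBuckets")

def missing_settings(cli_json):
    """Return the required settings that are not enabled.
    cli_json: JSON printed by `aws s3api get-public-access-block`, or None."""
    if not cli_json:
        return list(REQUIRED)  # fail closed: no answer means not blocked
    config = json.loads(cli_json).get("PublicAccessBlockConfiguration", {})
    return [name for name in REQUIRED if config.get(name) is not True]

def remediation_argv(bucket):
    """Build the remediation command for one bucket as an argv list."""
    config = ",".join(f"{name}=true" for name in REQUIRED)
    return ["aws", "s3api", "put-public-access-block", "--bucket", bucket,
            "--public-access-block-configuration", config]

def fetch_config(bucket):
    """Ask the AWS CLI for the current settings (needs credentials).
    Returns None on any failure, including a bucket with no configuration."""
    proc = subprocess.run(
        ["aws", "s3api", "get-public-access-block", "--bucket", bucket],
        capture_output=True, text=True)
    return proc.stdout if proc.returncode == 0 else None

def audit(buckets, fetch=fetch_config):
    """Map each bucket name to its missing settings ([] means compliant)."""
    return {bucket: missing_settings(fetch(bucket)) for bucket in buckets}

# Constructed sample responses with hypothetical bucket names (runs offline).
ALL_ON = {name: True for name in REQUIRED}
SAMPLE = {
    "example-logs": json.dumps({"PublicAccessBlockConfiguration": ALL_ON}),
    "example-assets": json.dumps({"PublicAccessBlockConfiguration": {
        **ALL_ON, "BlockPublicPolicy": False, "RestrictPublicBuckets": False}}),
    "example-legacy": None,  # bucket with no configuration at all
}

if __name__ == "__main__":
    for bucket, missing in audit(SAMPLE, fetch=SAMPLE.get).items():
        print(bucket, "compliant" if not missing else f"missing {missing}")
        if missing:
            print("  fix:", " ".join(remediation_argv(bucket)))
```

Against a real account, call `audit(["<bucket-name>"])` without the `fetch` argument so that the AWS CLI is queried instead of the sample data.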