
Rule: S3 Public Access Blocked at Account Level

This rule ensures that S3 public access is blocked at the account level to maintain data security.

Rule: S3 public access should be blocked at account level
Framework: NIST 800-53 Revision 5
Severity: Medium

Description of the Rule

The rule states that for compliance with NIST 800-53 Revision 5, all public access to S3 buckets should be blocked at the account level. This ensures that any sensitive data stored in S3 buckets is not accessible to unauthorized users.

Troubleshooting Steps

If you encounter any issues while implementing this rule, please follow the troubleshooting steps below:

  1. Check the current access settings of S3 buckets in the AWS account.
  2. Verify that no S3 buckets have public access permissions enabled.
  3. Review the IAM policies and roles associated with S3 buckets to ensure there are no misconfigurations.

Necessary Code

Below is an example of a policy that can be used to block public access to S3 buckets at the account level:

```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Deny",
            "Action": "s3:*",
            "Resource": "*",
            "Condition": {
                "Bool": {
                    "aws:SecureTransport": "false"
                }
            },
            "Principal": "*"
        }
    ]
}
```

Step-by-Step Guide for Remediation

Please follow the step-by-step guide below to remediate the issue and block public access to S3 buckets at the account level:

  1. Log in to the AWS Management Console.
  2. Go to the IAM service.
  3. Click on "Policies" in the left navigation pane and then click on the "Create policy" button.
  4. Choose the "JSON" tab to enter the policy configuration.
  5. Copy and paste the necessary code provided above into the policy editor.
  6. Click on "Review policy" to verify the policy configuration.
  7. Provide a meaningful name and description for the policy.
  8. Click on "Create policy" to save the policy.
  9. Go to the S3 service.
  10. Select each S3 bucket one by one and check their access permissions.
  11. Remove any public access permissions and ensure that only authorized users or roles have appropriate access.
  12. Repeat this step for all the S3 buckets in the account.
  13. Monitor and regularly review the access permissions of the S3 buckets to ensure ongoing compliance.

By following these steps, you will successfully block public access to S3 buckets at the account level, in line with the NIST 800-53 Revision 5 compliance requirements.
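A caveat on the policy in the Necessary Code section and the remediation steps above: that policy's condition is aws:SecureTransport, so it denies only requests that are not sent over TLS, and an IAM identity-based policy cannot carry a Principal element. The account-wide control the rule describes is the S3 Public Access Block setting, which has four flags that must all be true. The following Python script is an added example (not Cloud Defense code) that audits those four flags and, optionally, enforces them through the s3control API; the account id and the AWS credentials it needs are assumptions.

```python
"""Audit and remediate the account-level S3 Public Access Block (added example)."""
from typing import Dict, List, Optional

# The four flags that together make up "block public access"; all must be True
# for the account to satisfy the rule.
REQUIRED_SETTINGS = (
    "BlockPublicAcls",
    "IgnorePublicAcls",
    "BlockPublicPolicy",
    "RestrictPublicBuckets",
)

# The configuration the remediation should leave in place.
COMPLIANT_CONFIG: Dict[str, bool] = {name: True for name in REQUIRED_SETTINGS}


def audit_public_access_block(config: Optional[Dict[str, bool]]) -> List[str]:
    """Return the flags that are missing or not enforced (empty list = compliant).

    `config` is the PublicAccessBlockConfiguration dict returned by
    s3control.get_public_access_block(), or None when the account has no
    configuration at all, which counts as every flag being unset.
    """
    if not config:
        return list(REQUIRED_SETTINGS)
    return [name for name in REQUIRED_SETTINGS if config.get(name) is not True]


def fetch_and_fix(account_id: str, apply: bool = False) -> List[str]:
    """Read the live setting; with apply=True, enforce all four flags.

    Requires boto3 and credentials (assumption: s3control permissions on
    the account). Imported here so the audit logic above runs offline.
    """
    import boto3
    from botocore.exceptions import ClientError

    s3control = boto3.client("s3control")
    try:
        resp = s3control.get_public_access_block(AccountId=account_id)
        current = resp["PublicAccessBlockConfiguration"]
    except ClientError as err:
        # Raised when the account has never had a block configured.
        if err.response["Error"]["Code"] != "NoSuchPublicAccessBlockConfiguration":
            raise
        current = None
    findings = audit_public_access_block(current)
    if findings and apply:
        s3control.put_public_access_block(
            AccountId=account_id, PublicAccessBlockConfiguration=COMPLIANT_CONFIG
        )
    return findings
```

Run `fetch_and_fix("<account-id>")` for a read-only finding list, and pass `apply=True` to set all four flags; the per-bucket review in steps 9 to 12 still applies, since the account setting does not remove existing bucket ACLs or policies, it only stops them from granting public access.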
