Ensure your S3 buckets do not allow read ACP access to authenticated users

Ensure that your S3 buckets are not exposed to allow aws authenticated users to have read ACP access on your buckets. This is considered security best practice and should always be done. Ensuring this is enabled will help with NIST,HIPPA, GDPR and PCI-DSS compliance.

Audit & Remediation



  • Select the Name hyperlink for the S3 bucket you would like to check.
  • Under Permissions validate there is no Public banner for this bucket.



  • If you have a Public banner and have Yes under Public access for Read bucket permissions set for Any AWS user, your bucket is currently exposed to authenticated users for read ACP access.
  • Select Everyone then remove all check marks listed on the property page.



  • Repeat the outlined steps for all of your S3 buckets.
See all of your AWS S3 Buckets in a single place!

Do you want to see all S3 Buckets in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.


Other Key Features


Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +