02 - S3 Bucket Publicly Exposed

Ensure your S3 buckets are encrypted at rest

Ensure that your S3 buckets are exposed to the internet as this is considered security best practice and should always be done. Ensuring this is enabled will help with NIST,HIPPA, GDPR and PCI-DSS compliance.

Audit & Remediation

Login into your AWS account
Navigate to the S3 service at: https://console.aws.amazon.com/s3
On the left hand panel select Buckets.

Select the Name hyperlink for the S3 bucket you would like to check.
Under Permissions validate there is no Public banner for this bucket.

If you have a Public banner or anything is listed as Yes under Public access, then select the Everyone to open up configuration dialog box.
Ensure none of the boxes are selected under the Access to the objects as well as the Access to this bucket's ACL.

Repeat the outlined steps for all of your S3 buckets.

See all of your AWS S3 Buckets in a single place!

Do you want to see all S3 Buckets in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.