Ensure your S3 buckets do not allow full control to anonymous users
Ensure that your S3 buckets are not exposed to allow anonymous users to have full access on your buckets. This is considered security best practice and should always be done. Ensuring this is enabled will help with NIST,HIPPA, GDPR and PCI-DSS compliance.
Select the Name hyperlink for the S3 bucket you would like to check.
Under Permissions validate there is no Public banner for this bucket.
If you have a Public banner and have Yes under Public access for List objects, Write objects, Read bucket permissions and Write bucket permissions, your bucket is currently exposed to anonymous users with full control.
Select Everyone then remove all check marks listed on the property page.
Repeat the outlined steps for all of your S3 buckets.
See all of your AWS S3 Buckets in a single place!
Do you want to see all S3 Buckets in once place for all regions and all accounts? Login to our online demo to see exactly what this looks like. demo.intelligentdiscovery.io
Other Key Features
Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.